Detecting Lateral Movement Using Splunk User Behavior Analytics

One of the most challenging aspects of running an effective Security Operations Center is how to account for the high volume of notable events that ultimately do not present a risk to the business. Some examples of non-risky notable events include a user forgetting their password and submitting it erroneously multiple times in a row, or a user accessing a system (for a completely valid reason) at an odd hour outside of their normal behavior.

Security Researchers Share Insights on Black Hat 2023 Topics and Trends

Shocking to no one: Artificial Intelligence (AI) was a huge topic at Black Hat USA 2023, but what did we learn about it? With no shortage of talks on it, there are many insights to take into account. We asked highly skilled software security researchers who attended both Black Hat and DEFCON to weigh in on the most insightful moments, particularly related to AI. Here’s what we found.

Integrate Sigma detection rules with Datadog Cloud SIEM

As organizations grow, they naturally need to analyze logs from more data sources. But as these data sources expand in number and type, it becomes more difficult for teams to scale their security detection rules to keep up with the ever-changing threat landscape. Sigma is an open source project that aims to address this challenge. By leveraging the expertise of the open source community, Sigma enables security teams to implement out-of-the-box rules that cover a wide range of threat scenarios.

Why is the Finance Sector a Target for Cyber Attacks?

According to the Bank for International Settlements, the financial sector is the most targeted by hackers after the healthcare sector. Finance businesses handle and manage large amounts of financial data, making them prime targets for cybercriminals. According to the Financial Stability Board, a serious cyber incident could destabilize financial systems, impacting critical infrastructure and the economy.

Cybersecurity and Social Responsibility: Ethical Considerations

Cybersecurity is necessary to protect data from criminals. However, the world of cybersecurity is not so simple. Therefore, a discussion of cybersecurity ethics needs to examine the morality of businesses collecting, processing, using, and storing data. How cybersecurity professionals affect security measures is also worth exploring. Businesses and individuals should ask themselves whether the ends justify the means and to what extent they are willing to sacrifice data privacy for data protection.

How To Know if Your Identity Has Been Stolen

Some signs that indicate your identity may have been stolen include seeing charges you didn’t make on your bank account statement, new inquiries on your credit report, an unusual drop in your credit score, credit checks you didn’t initiate, your credentials being posted on the dark web and more. Continue reading to learn more indications that your identity has been stolen and what to do if you’re a victim.

Discover The Best AI Tools: Best Practices To Use It Safely

AI tools have become increasingly popular in various industries as businesses recognize their potential to revolutionize processes and drive innovation. These tools leverage advanced algorithms and machine learning techniques to automate tasks, analyze vast amounts of data, and generate valuable insights. In 2022, around 35% of businesses worldwide used AI tools and 61% of employees say AI helps to improve their work productivity.

3 Best Practices for External Attack Surface Management

Your external attack surface is growing rapidly. The adoption of cloud technologies, business growth, a remote workforce, IoT, and a growing supply chain of digital vendors create an enormous digital footprint and increased cyber risk. External attack surface management (EASM) can help you mitigate and manage this risk, proactively and at scale.