Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SBOM is the acronym for Software Bill of Materials, which is a list of all the open source npm packages that are part of your project. But it’s not only limited to open source or software packages, and can include operating system libraries, microservices inventory and more.

Most modern companies are highly reliant on their IT infrastructure for day-day business, with employees relying on numerous on-prem and cloud-based software solutions for their daily activities. However, for many companies, the network can be something of a black box. As long as data gets from point A to point B and applications continue to function, everything is assumed to be okay. However, the network can be a rich source of data about the state of the business.

Humans have been interacting with a version of AI through voice assistants, facial recognition software and phone photo apps for years. AI’s progress in the last few months, however, has been nothing less than mind-blowing. With its new enhanced capabilities, a meteoric rise in AI’s popularity ensued, and the recent new generative AI services are quickly becoming essential tools for users of all kinds.

Removable media devices—also known as removable storage devices–present a very high risk to sensitive data stored, processed, or transmitted by information systems in your organization. Sedara recommends implementing strict measures to safeguard sensitive information and prevent its accidental or intentional loss, misuse, or disclosure.

Experts from around the globe gathered at the RSA Conference 2023 in San Francisco, and shared what they are predicting to be the 5 most dangerous cyber security threats impacting organisations today. The panel consisted of four respected SANS analyst experts, invited to explore the latest Tactics, Techniques and Procedures (TTP’s) of modern adversaries, and empower organisations with the correct detection and defence advice.

Cyber risk governance (also called cyber risk governance or governance, risk, and compliance — GRC) and cyber risk management are often used interchangeably, but they are actually very different parts of the way an organization achieves data protection. While cybersecurity risk management focuses on implementing cybersecurity controls, cyber risk governance is more concerned with the strategy behind that implementation.

When a hacker breaches a network or system, data exfiltration often follows. But what is data exfiltration and how can you prevent it?

In yet another alarming breach incident, the notorious hacking group SiegedSec has targeted the healthcare sector once again. This time, their target was the prominent Chinese healthcare company Hinacom. The cybercriminals successfully infiltrated the company's defenses, exposing a staggering 11GB of sensitive data. This blog explores the details of the hack, the potential consequences, and the urgent need for improved healthcare security. The Hinacom Breach.

Gabrielle is a security engineer. She deploys tools to scan for threats and vulnerabilities, read logs, and manage the security risks for her company, but is all that data really helping? Sometimes, it seems like she works in a noise factory instead of a SOC. The cacophony of all the log and event data and vulnerability scans are pouring into the SIEM, and it’s Gabrielle’s job to listen to the symphony of data and find the out-of-tune notes.

The Artificial intelligence (AI) based language model, ChatGPT, has gained a lot of attention recently, and rightfully so. It is arguably the most widely popular technical innovation since the introduction of the now ubiquitous smart speakers in our homes that enable us to call out a question and receive an instant answer. But what is it, and why is it relevant to cyber security and data protection?