This is the final of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. When thinking of adjectives to describe cyberattackers, it’s doubtful that many people would choose to call them innovative – a term we’re more likely to ascribe to things we enjoy. But the reality is that adversaries are innovative, constantly finding new ways to launch attacks that result in greater rewards for less effort.
An incident response plan assigns responsibilities and lists procedures to follow if an event such as a breach were to occur. Having a plan put in place to handle cybersecurity incidents at your business can aid your business in identifying when a cyberattack is taking place, how to clean up the mess that an attack leaves and prevent an attack from happening again. Read on to learn why an incident response plan is needed, incidents that require response plans and more.
Productivity and collaboration tools are key components for any business today – we use mail, docs, spreadsheets, shared whiteboards and many other cool tools daily. In this post, we will talk about how Splunk helps teams work and collaborate securely while using Google Chrome and Google Workspace.
BloodHound is a powerful tool that identifies vulnerabilities in Active Directory (AD). Cybercriminals abuse this tool to visualize chains of abusable Active Directory permissions that can enable them to gain elevated rights, including membership in the powerful Domain Admin group. This guide is designed to help penetration testers use BloodHound to identify these vulnerabilities first, so enterprises can thwart attacks.
If you run CrowdStrike Falcon® LogScale, previously known as Humio, locally or on-premises, one of your first steps is to configure local storage so that LogScale has a persistent data store where it can send logs. If you’re running LogScale as a cluster setup, then you’ll have some data replication as a function of how LogScale manages the data. However, even with that replication, you’ll probably still want something outside of your local infrastructure for resiliency.
Docker is the primary tool used for containerizing workloads. If your company wants to build containers with quality, then you’ll need access to your Docker container logs for debugging, validation and optimization. While engineering teams can view container logs through straightforward CLI tools (think docker logs), these tools don’t provide a mechanism for storing or indexing logs over time. A central, remote location for gathering logs from Docker containers is necessary.
Did you forget your password…again? Wouldn’t it be great if you never had to deal with passwords ever again? Well, we’ve got great news for you! Meet the passkey, a brand-new passwordless technology built on industry standards by the World Wide Web Consortium (W3C) and the FIDO Alliance and backed by Apple, Google and Microsoft. Read on to find out what you need to know about passkeys – and all about how Keeper is planning to support them in 2023.
First started as an open-source project in 2018, Mend Renovate automates open source dependency updates in software projects. Renovate has enabled a diverse user base across github.com and gitlab.com, reducing risk by mitigating security vulnerabilities and saving developers’ time. Renovate is now endorsed by OpenSSF and Google as the industry standard tool for dependency updates.
