Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Blogs

French Data Protection Authority fines Google Euro50 million under the GDPR

France’s national data protection authority (CNIL — Commission Nationale de l’informatique et des Libertés) ordered its first sanction under the EU’s General Data Protection Regulation, or as commonly called as the GDPR. In this sanction, the CNIL fined Google a whopping €50 million because of Google’s failure to comply with the GDPR provisions when a user sets up his new Android phone and follows the subsequent process.

Leveraging Service Accounts for Label-based Security

One of the key Kubernetes security concepts is that workload identity is tied back to information that the orchestrator has. The orchestrator is actually the authoritative entity for what the actual workloads are in the platform. Kubernetes uses labels to select objects and to identify collections of objects that satisfy certain conditions. We, and others in the Kubernetes networking space, often talk about using Kubernetes ‘labels’ as identity bearers.

Top 7 Tips for Improving Cyber Risk Management in 2019

With the constant barrage of headlines regarding breaches in the last few years, it seems that society in general has become numb to losing personal data. This year’s overarching cybersecurity theme is clear: We’re all in this together because we simply can’t do it alone. Effective defense demands a team effort where employees, enterprises, and end users alike recognize their shared role in reducing cybersecurity risks.

3 Tips for Enterprise Patch Management

A few weeks ago, I woke up one morning to discover that Android had 34 software updates waiting for me. This was followed by my laptop wanting to reboot after installing the latest patches from Microsoft; my tablet needing a reboot after its latest firmware update; and my server screaming for me to put “yum” into action to install the latest patches available from Red Hat – all before 10:00 am in the morning!

Securing Your Business' Cloud

As you plan to leverage cloud-based IT resources, you must first extensively analyze and evaluate the different risks associated with using such a disruptive technology like cloud computing. In many cases, business' inability to protect their data stored in the cloud is often a direct outcome of needlessly complicating the cloud security thought process.

Guest blog: Eray Mitrani - Hacking isn't an exact science

Eray Mitrani works for Nokia Deepfield where they are providing network analytics and DDoS-protections. He is a security researcher in the Detectify Crowdsource community. In the following guest blog, he goes through the process of finding and submitting his first module to Detectify Crowdsource, which is an authorization bypass.

Enhancing Egnyte for AWS Solution

Trends in computing shift back and forth like the ebb and flow of a tide. Before personal computers became household appliances, centralized computing from a client-server approach was the norm. However, widespread distribution of desktop machines lead to a change in office productivity; decentralization. People began saving their files on the same, inexpensive devices they worked from, while simultaneously using these machines to run an array of applications.

What Are the 5 Components of the COSO Framework?

In 1985, The Committee of Sponsoring Organizations of the Treadway Commission (COSO) originally formed to enable the National Commission on Fraudulent Financial Reporting. COSO’s original goal, to review causal factors leading to fraudulent financial reporting, ultimately evolved as more technologies became embedded in the process.