Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Here’s the story of how a regular project management task resulted in me opening a pull request to an open source repository on GitHub. As a new member of Snyk’s Marketing team, I was recently involved in the preparation for The Big Fix, an event that brings together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure by fixing vulnerabilities while having fun and being rewarded with swag.

Gone are the days when gate-based security processes were the most effective way to ensure security of an organization’s external attack surface. Getting the security team to sign off on every new application or asset before they go live simply is not scalable.

Now, there’s a loaded question. With so many preceding it: What do we mean by AI? Which aspects of what data are we referring to When it comes to AI? Are ethical practices universal? So, here are a few things to consider.

We’re making it easier for Phantom wallet owners to save their account password, secret recovery phrase, and wallet address in 1Password. Phantom is a digital wallet that lets you manage cryptocurrencies, tokens, and NFTs built on the Solana blockchain.

The “agents or no agents” debate is ancient and eternal. Every decade or so, we go through another round of “agents are terrible, let’s end them” and “we need more visibility and control to secure the system, maybe we’ll call it a ‘sensor’ this time.” We ultimately always land on the same conclusion. There are no silver bullets. Today, the debate is alive and well because cloud is the new frontier, so surely agents are dead this time?

I have seen quite a few articles of late proclaiming that a major cyberattack against Australia is imminent as a result of the ongoing situation in Ukraine, and in truth it's kind of riled me up a bit. The most recent announcements about Australia promising cyber support to Ukraine has increased speculation on this question.

S3 buckets without encryption can leave sensitive data exposed and at risk. As a best practice and to meet a number of industry and governmental regulations, it’s important to ensure that S3 server side bucket encryption has been properly applied at all times. To do this, many security teams rely on their Cloud Posture Security Management (CSPM) platform and/or AWS GuardDuty to monitor their AWS resources and provide alerts when an S3 bucket is found unencrypted.

In the world of cybersecurity, artificial intelligence (AI) has changed the way we discover, respond, and recover from cyberattacks. But despite the several advancements of AI in cybersecurity, cyberattacks are becoming more and more dangerous because of AI. Cybercriminals are now leveraging existing artificial intelligence tools and AI-based technologies for use in their own attacks, and as a result, cyber threats and attacks are becoming harder to prevent.

Enterprises today rely on partners and vendors to help manage their data. Some companies depend on third-party infrastructure for day-to-day operations, so understanding the regulations and protection standards that a service provider is promising to uphold is very important.

Working closely with the FBI, CISA, DOJ, and UK NCSC1, WatchGuard has investigated and developed a remediation for Cyclops Blink, a sophisticated state-sponsored botnet, that may have affected a limited number of WatchGuard firewall appliances. WatchGuard customers and partners can eliminate the potential threat posed by malicious activity from the botnet by immediately enacting WatchGuard’s 4-Step Cyclops Blink Diagnosis and Remediation Plan.