How does an application find its way into a company? In most cases today, people don’t start by searching through their organization’s catalog of approved applications.

Netskope is proud to have again contributed data and insights to Verizon’s annual Mobile Security Index, one of the most influential reports in the industry for evaluating mobile security trends. This report is based on a survey of hundreds of professionals responsible for buying, managing, and securing mobile and IoT devices, making it highly relevant to cybersecurity decision makers who deal with the challenges of hybrid work. Here are some of the highlights.

AsyncRAT is an open-source remote administration tool released on GitHub in January 2019. It’s designed to remotely control computers via encrypted connection, providing complete control via functionalities such as: Although the official GitHub repository contains a legal disclaimer, AsyncRAT is popularly used by attackers and even some APT groups. Netskope Threat Labs recently came across a FUD (Fully Undetected) Batch script which is downloading AsyncRAT from an Amazon S3 Bucket.

Digital transformation has driven the rapid adoption of cloud-delivered services like SaaS/IaaS/PaaS in enterprises. This, in turn, has resulted in the migration of digital assets (aka data) from the confines of enterprise data centers to the cloud data centers that are not under the control of the enterprises. Additionally, the onset of the COVID-19 pandemic has resulted in remote work becoming the norm.

Software supply chain is anything and everything that contributes to making software functional. This includes code in the developer system, the CICD pipeline, dependencies, binaries, and deployed software in production, as well as people, processes, and the technology space. With the growing adoption of assembling software from distributed, unmanaged components rather than building it from scratch, more often than not, organizations are not aware whose, or what, code is running within their software.

Security leaders often question why performance matters. In this blog, we will discuss the “tug of war” that exists between implementing robust security controls and delivering a superior user experience as we spotlight the findings from a new white paper from industry analyst IDC, and highlight why the design of the Netskope NewEdge infrastructure is so important to how we approach these challenges.

Now that Black Hat USA 2022 and DEF CON 30 are over, it is time to reflect on the security industry nicknamed “Summer Camp”, and the week that was in Las Vegas. We had a number of Netskopers from across different teams on the ground and in-person attending the conferences. Like with any large conferences, there were likely many folks who weren’t able to make it out to Las Vegas this year for myriad reasons.

Misconfigured internet-facing servers are a growing risk for organizations and one of the preferred weapons for ransomware gangs to break into their victims’ networks.

In the past, cybersecurity has often been seen as disconnected from the rest of the IT team, as well as from an enterprise’s core business activities. Security professionals in some organisations have been left to operate in their own organisational structures, defining and enforcing policies with little interaction with other departments.

We’d like to think of our coworkers as trusted team members, collaborating on a shared mission to make positive contributions to the well being of the company. For the most part, this is true, but we must also recognize that our coworkers are individuals who may conduct themselves in ways that are detrimental to the company.