Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Benefits of a Secure Software Development Life Cycle (SDLC)

The software development life cycle abbreviated SDLC, is a term used for the process of developing, altering, maintaining, and replacing a software system. SDLC is comprised of several different phases, including planning, design, building, testing, and deployment. In Secure SDLC, security assurance is practiced within in each developmental phase of the SDLC. Throughout each phase, either penetration testing, code review, or architecture analysis is performed to ensure safe practices.

Perpetrated by Employees and Managers Already Inside Companies

KPMG’s Fraud Barometer Says Most Crime is Perpetrated by Employees and Managers Already Inside Companies. The introspective look at the UK’s £1.2 billion in 2018 fraud cases by KPMG demonstrates the need to be mindful of insiders. Each year, professional services company KMPG puts out their annual Fraud Barometer report, providing readers with the state of corporate fraud.

Incident Response Steps Comparison Guide

What is Incident Response? It’s a plan for responding to a cybersecurity incident methodically. If an incident is nefarious, steps are taken to quickly contain, minimize, and learn from the damage. Not every cybersecurity event is serious enough to warrant investigation. Events, like a single login failure from an employee on premises, are good to be aware of when occurring as isolated incidents, but don’t require man hours to investigate.

Shared CI config with versioning

The Partner Integrations team at Egnyte is responsible for building the ecosystem around our products. We are running over 25 different integrations in production. This includes such integrations as Office Online, Docusign, and Slack, the “Apps and Integrations” interface and tools for partners to easily build their integrations. The number of integrations continues to grow.

KPI's For Evaluating Your Vendor Management Program

Creating a vendor management program is difficult. However, that’s only the first part of the process. To fully implement your plan, you need to measure its effectiveness at reducing risk. To do that, you need objective key performance indicators (KPIs) for determining how well your vendors comply with the outlined controls in the service level agreement.

How to Detect Employee Fraud - Malicious Insider Protection

The greatest risk to a company is actually its own employees. Malicious insiders can commit employee fraud in many different ways: data theft, timecard theft, and monetary/asset theft are just a few types of fraud to keep on your radar. Here are four tools and practices you can adopt to detect employee fraud should it happen in your organization.

The Imperative to Address Security Concerns of the Rapidly Evolving Internet of Things

The Internet of Things (IoT) broadly refers to devices and equipment that are readable, recognizable, locatable, addressable and/or controllable via the internet. This includes everything from edge computing devices to home appliances, from wearable technology to cars. IoT represents the melding of the physical world and the digital worked, as sensors are not costly and wireless access is now ubiquitous.

PCI DSS Compliance: An Overview

The Payment Card Industry (PCI) comprise all credit card providers including Visa and MasterCard. These entities are required to uphold the integrity of the cardholders' information to prevent any breach. While complying with the PCI DSS requirements can be overwhelming, it is necessary since it'll enable you to develop stringent measures to store and protect the cardholders' data.

What is PCI DSS and why do I need it?

PCI DSS is an incredibly important compliance standard for those processing card payments. It stands for Payment Card Industry Data Security Standard. Whilst that doesn’t exactly roll off the tongue, it is a very resilient set of standard requirements that aims to make a business more secure. A 2018 payment security report revealed that no company affected by a data breach was completely compliant with PCI DSS.