Threat actors continue to work faster and show greater sophistication in their tactics, techniques, and procedures (TTPs). Meanwhile, organizations struggle to keep pace because they are strapped by the persistent shortage of skilled cybersecurity professionals which, exacerbated by the pandemic, grew by 26.2% over the past year.
‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.
With new technology being developed at a rapid pace, adaptability is crucial for a company to thrive against its competitors. IT cloud modernization is a great way to drive sales growth, have the edge over your competitors, and boost your employees’ productivity while enabling greater satisfaction and collaboration with your partners, contractors, and customers.
As 2022 comes to a close, Professor Avishai Wool, AlgoSec Co-Founder and CTO, provides his top 5 issues organizations will need to be aware in 2023 that will also dominate the cyber community conversation.
Security in cloud providers like AWS is usually the highest priority. With EKS, unlike bring-your-own vanilla Kubernetes instances, you benefit from a data center and network architecture that is built to meet the requirements of the most security-sensitive organizations. To achieve this, one of the best ways is to use all the security layers we are capable of having. In this case, we will explain how to use GuardDuty and Falco to speed up threat detection.
In the first part of this blog series, I took a look at how an understanding of digital strategy and digital risk is key to starting a security transformation journey. In this post, I am digging further into how a secure access service edge (SASE) architecture with security service edge (SSE) capabilities and zero trust principles can help mitigate the types of digital risk I outlined in part one.
LimaCharlie is pleased to announce an integration with SnapAttack’s Community Edition, a new offering from SnapAttack that gives organizations access to open-source intelligence objects and behaviorally-oriented detections developed by SnapAttack’s threat research team and highly skilled community researchers together with popular community tools, such as Atomic Red Team and Sigma.
With threats to cloud native applications rising, security leaders feel more pressure than ever to counter an ever-changing risk landscape. But thanks to a rapidly expanding security solutions market, many respond to these growing demands by adding more products. With so many new tools arising to tackle security challenges, it sometimes seems like the right answer is always “one tool out of reach”.
Trustwave has been named as a Major Player in the IDC MarketScape: Asia/Pacific Professional Security Services Vendor Assessment (doc #AP49101123e, October 2022). According to the report, “Trustwave has established itself as a reputable and reliable player in the market and plans to continually invest in enhancing its service offerings with a focus on global scalability, platform delivery models, and interconnection between MSS and PSS services.”
