Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

National Cybersecurity Awareness Month (NCSAM), held every October, highlights a key theme each year. For 2022, the theme is: “See Yourself in Cyber.” Cybersecurity is more than a set of principles or tools—people are a major component, helping keep businesses safe by complying with multi-factor authentication, using strong passwords, keeping devices updated with the latest software, not installing unapproved software on devices, and reporting phishing.

We’ve been watching the global transition to an app-driven world for some time now, as companies develop and deploy innovative software at warp speed. And we’ve also watched application security teams struggle to keep up. Many try to use yesterday’s tools for today’s AppSec reality, while others wrestle with immature application security programs. And that’s when we realized: modern application security programs are different. They run on CODEfidence. Let me explain.

Strong data loss prevention requires two things: a strong policy that guides user actions and permissions, and the tools to monitor and manage data security. Many organizations know they need to invest in software, platforms, and other security settings to create secure networks, endpoints, and cloud settings. But not every organization has a strong DLP policy to guide these tools. Many compliance regimes require companies to record data loss prevention policies.

As threats to technology and private information become more frequent, the President of the United States and Congress have proclaimed October to be Cybersecurity Awareness Month. This initiative aims to assist people in protecting themselves online. Government and business are working together to increase cybersecurity awareness on a national and worldwide level under the direction of the National Cybersecurity Alliance (NCA) and the Cybersecurity and Infrastructure Security Agency (CISA).

Teleport 10.3 was released on September 30, 2022 along with a lot of new features, bug fixes and improvements. This blog post will focus on one new feature that deserves a deeper dive.

The reason organizations are embracing cloud-native development is clear: AWS reports those who migrated saw an average of 20% infrastructure cost savings and 66% increase in administrator productivity. Moving your development process to the cloud offers these benefits and many others, but it also offers a whole new set of security challenges. This series is aimed at helping developers create secure infrastructure for modern, cloud-native applications.

It may sound counterintuitive, but the Dark Web presents an invaluable opportunity for businesses to flip the script on hackers. The Dark Web remains a relatively hidden digital space that comprises upwards of 5 percent of the entire internet. This is where cybercriminals go to peddle sensitive and valuable data after breaching vulnerable business networks.

Trustwave security teams are aware of two zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) impacting Microsoft Exchange Server 2013, 2016, and 2019 and organizations with Outlook Web Access facing the Internet. If exploited, the vulnerabilities can allow an attacker to elevate privilege and remote code execution capability. We immediately investigated the vulnerabilities and potential exploits and continue to monitor the situation.

The Broadway Tower in Worcestershire, England is a famous structure. It’s inspiring, beautiful, and at 62 feet high, like other similar buildings, it’s a folly. While it looks grand inside and out, it serves no purpose than to be a decoration. It’s all too easy to buy a set of policies and procedures, change the company name and some other details, then present it as an application development and security program.

After years of falling behind, the construction industry has realised the importance of its data. Construction-related businesses invested a remarkable 188% more in cybersecurity in 2018–19. Data leaks and cyberattacks have jolted sectors worldwide, affecting everyone. 55% of UK businesses experienced a cyberattack in 2019 alone, and the average damage resulting from breaches is £176,000.