At ThreatQuotient, we write a lot about security automation. Most recently, we’ve discussed how our data-driven approach to automation helps enable extended detection and response (XDR) in all phases of security operations including detection, investigation and response.
Even before the pandemic, many companies had a relaxed approach to the devices employees brought to work. In fact, many businesses had BYOD (bring your own device) policies that allowed team members to work on personal laptops or cell phones. By one account, 75% of employees use their personal cell phones for work. The rise of remote work has only escalated the use of tablets, laptops, and mobile phones for professional use.
Every year, business owners grapple with the same question: how can I keep my data safe? The cost of a data leak can quickly escalate to over $7 million per incident, not to mention the damage to a business’s brand reputation and competitive advantage. And, unfortunately, cyber attacks are getting more sophisticated every year. There are many solutions on the market to help businesses protect their information.
Passwords are an easy way to implement an authentication mechanism in which the user is asked to enter a string of characters (that he had chosen) to log in to his accounts. We will cover brute force attacks, types and examples in this blog article.
None of us want to look into a production audit system, as this most likely happens after a security breach or a security incident. Over the years, people have come up with many ideas to see what applications are doing. Almost all databases keep event logs to prevent data loss. Systems such as Kubernetes generate events for every action, and applications that probably run in your production also implement some structured logging for the same reason. But what can we do if all of that is not enough?
As more and more applications and application development move to the cloud, traditional security roles and organizational structures are being shaken up. Why is that and what are the benefits of a cloud-first approach for business?
How does an application find its way into a company? In most cases today, people don’t start by searching through their organization’s catalog of approved applications.
When scanning an image you probably want to scan for both operating system vulnerabilities and vulnerabilities in the application dependencies (like npm, pom.xml, package.json etc), in order to get a full picture of the security issues within your images. Until now, when using the Snyk Container test/monitor commands to scan images you had to specify the --app-vulns flag in order to scan for application vulnerabilities.
Reddit is a good place to stay in the loop when it comes to web development news, and if you’re like me, you probably follow subreddits like r/node or r/javascript. I recently found a great way to build a Zapier Reddit integration with just my JavaScript knowledge — so I can share those trending Reddit posts in my team’s channel. In this article you’ll learn.
The education systems, including K-12 school institutions, are in the crosshairs of increasingly frequent and sophisticated cyberattacks. In just one month of 2021, educational organizations suffered more than 5.8 million malware incidents. Teachers, administrators and students are also targets as they use various devices such as laptops and smartphones to browse social media or send messages with friends and family.
