Latest News

SAST vs. DAST for Security Testing: Unveiling the Differences

Application Security Testing (AST) encompasses various tools, processes, and approaches for scanning applications to uncover potential security issues. Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) are widely used security testing approaches that follow different methodologies for scanning application code at different stages of the software development lifecycle.

Cisco IOS XE Privilege Escalation (CVE-2023-20198) - Cato's analysis and mitigation

All secured webservers are alike; each vulnerable webserver running on a network appliance is vulnerable in its own way. On October 16th, 2023, Cisco published a security advisory detailing an actively exploited vulnerability (CVE-2023-20198) in its IOS XE operating system with a CVSS score of 10, allowing for unauthenticated privilege escalation and subsequent full administrative access (level 15 in Cisco terminology) to the vulnerable device.

Are we safer today than we were yesterday?

In the first two installments of this three-part series based on our recent white paper, The Skeptic’s Guide to Buying Security Tools, we provided an evidence-based approach to helping your organization justify a new security tool purchase and key considerations to future-proof that investment. In today’s post, we’ll discuss how to evaluate the efficacy of that tool once you’ve made the purchase and implemented it within your security ecosystem.

Dollars and Sense - Why SD-WAN is right for financial services

It is no surprise that cloud adoption has increased steadily across the financial services industry in recent years. This trend is expected to continue and grow as organizations look to replace aging, traditional technology. For financial organizations, these changes impact both business operations and customers. Banking, commerce, transactions — not to mention all of their corresponding data — are part of this transformation.

What you can't do with Kubernetes network policies (unless you use Calico): Node Specific Policies

In my previous blog post, What you can’t do with Kubernetes network policies (unless you use Calico): TLS Encryption, I talked about use case number two from the list of 9 things you cannot implement using basic Kubernetes network policy—anything TLS related. In this blog post, we’ll be focusing on use case number three: node specific policies.

Sentrium Achieves ISO 9001 and ISO 27001 Certifications

In an increasingly digital world, the importance of quality and security cannot be overstated. Sentrium Security Ltd is excited to share our recent achievement – obtaining ISO 9001 and ISO 27001 certifications. These certifications showcase our unwavering commitment to enhancing quality and security for our valued clients.