Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I’d position the following scenario to you as hypothetical but the reality of it is we have all been there at one time or another. Either as the result of a rogue script, a complete accident, or even malicious behavior, many are familiar with that sinking feeling when you noticed certain Azure Active Directory (Azure AD) objects have been deleted. Whether it be Users, Groups, Enterprise Apps, or Application Registrations, businesses rely on these Azure AD objects.

There’s no denying it, public cloud is here to stay and there’s a pretty good chance that your company is running some workloads on Amazon Web Services.

Intel is an American-based corporation that offers technology products and services to much of the world. The massive corporation employs tens of thousands of individuals and generates approximately 63 billion USD in annual revenue. The tech giant handles a significant amount of data for customers and employees, and some of that data was recently exposed in an MSI data breach.

In today's rapidly advancing digital age, internet security has become an imperative concern for individuals across the globe. With alarming predictions indicating a substantial increase in the global cost of cybercrime, from $8.44 trillion in 2022 to a staggering $23.84 trillion by 2027, it is evident that the threat posed by hackers and malware is rapidly escalating. In light of this ever-growing menace, equipping oneself with the best practices for internet safety has become more critical than ever.

Gartner’s 2023 “Market Guide for Cloud-Native Application Protection Platforms” (CNAPP) caused some security leaders to question whether they need yet another tool to protect the complex beast that is the cloud. Procuring yet another shiny security product is probably not how you earn the envy of your peers, but if your organization relies on shipping secure applications fast, then CNAPP should be on your radar. What exactly is CNAPP?

The new partnership enables Snyk and GitGuardian to build, integrate and go to market together to help development and security teams scale their security programs and significantly reduce their applications' attack surface at every stage of the code-to-cloud lifecycle.

Welcome to the third entry in our introduction to the PEAK Threat Hunting Framework! Taking our detective theme to the next level, imagine a tough case where you need to call in a specialized investigator (even Sherlock depended on Watson from time to time!). For these unique cases, we can use algorithmically-driven approaches called Model-Assisted Threat Hunting (M-ATH). In this post, we’ll look at M-ATH in detail.

In the complex world of Internet security, TLS encryption reigns. The powers behind the throne are the Certificate Authorities (CAs) that play a crucial role in verifying websites' identities and regulating the trust we place in those sites. However, understanding the trustworthiness of the CAs themselves can be challenging.

Cyberattacks are unauthorized attempts to access data and disrupt your organization's computer systems or networks. It’s reported that 49% of organizations have suffered a data breach over the past two years — it’s possibly higher than that. These data breaches can cause financial loss, reputational damage and legal liabilities. So, organizations develop Red and Blue teams to mitigate the risk of cyberattacks.

Third-party vendors are a vital part of your business ecosystem. But if you’re not careful, these companies can introduce cyber risk. The SolarWinds supply chain hack is a notable example of the jeopardy that even the most trusted partnerships can yield. But with so many moving parts, creating a supplier risk management plan – and executing on it – can be a challenging and arduous task. According to Gartner, 60% of organizations work with more than 1,000 third-party vendors.