Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybersecurity Expert Interview: Jonathan Haas

Introduce yourself and tell us what you and your company do.

My name's Jonathan Haas, I'm the CEO and co-founder of ThreatKey. ThreatKey is a security posture management platform. Essentially, what that means is we help businesses secure themselves and identify which things they should be prioritizing amongst their various business tools. Things like AWS, GCP, or SaaS products like Google Workspace, Microsoft 365, etc.

Trustwave Government Solutions' Cybersecurity Glossary

Cybersecurity is just a word, but that word is the entryway into an incredibly complex world filled with an alphabet soup of acronyms, connected to thousands of terms that help define the category. To make the latest terminology easier to understand and improve your knowledge of what is happening in the cyber world, Trustwave Government Solutions has created a handy online glossary.

5 Things We Learned from The Definitive Guide to Data Loss Prevention (DLP)

In the context of hybrid work, the threat of data loss is rampant. Cybersecurity systems that were once designed to operate within the confines of a network perimeter have become obsolete, with employees using various devices, networks, and applications to get their work done. As such, it’s easier than ever for companies to be vulnerable to the loss of sensitive data. So, what’s the solution? Recently, Digital Guardian published The Definitive Guide to DLP: 2021 Hybrid Work Edition.

Privacy in Q2 2022: US, Canada, and the UK

The second quarter of 2022 offered plenty of positing on privacy, both in the U.S. and internationally. In the U.S., we saw the addition of another state privacy law, and a spark of hope in privacy professionals’ eyes with the introduction of tangible federal legislation. Plus, the Federal Trade Commission (FTC) is positioned to act on rulemaking like never before.

How to Implement an Enterprise Risk Management Framework

Managing individual business risks is difficult when silos exist. An enterprise risk management (ERM) framework consolidates risk management strategy across an entire organization, enabling better visibility, measurement, and management of business objectives. With a unified focus on addressing risk, compliance teams can universally improve regulatory compliance, governance, and risk management processes.

Jazzer.js Brings Effective Fuzzing to JavaScript (Open-Source)

TL;DR: Fuzzing JavaScript is easy now. In this post, we introduce you to our new open-source fuzzer for the JavaScript ecosystem, Jazzer.js. Jazzer.js is a coverage-guided, in-process fuzzer for the Node.js platform. It’s based on the experience we gathered developing its namesake Jazzer, our fuzzer for the JVM platform. Internally, Jazzer.js uses libFuzzer as a solid industry-standard engine and brings many of its instrumentation-powered mutation features to JavaScript.

New Integrations Just Announced: CircleCI and Travis CI

Since working on a spreadsheet, you and your team have come a long way. You’re enjoying the ease of working in TrustOps because it automates control mapping, test creation, and evidence workflows. However, you’re looking for ways to save a bit more time, so you can focus on your day job and growing list of priorities. Collecting evidence to validate compliance controls takes time and affects your team’s productivity, including HR, IT, and DevOps.

Improving Information Security in the Age of Remote Work

Remote work has become popular among employees. 74% of workers say they would be less inclined to leave a company if they could work from home. No commuting, better work-life balance, greater flexibility, and increased motivation attract employees to telecommuting. Although companies offer remote work, data security concerns them. Employees might use unsecured Wi-Fi networks, leave their computers and laptops unattended, or carry confidential documents to public locations.

Proven Ways to Slash Mobile App Security Costs

Mobile app security testing is expensive, and that’s a fact. For instance, a single quality penetration test costs around $20,000-$30,000. But do you necessarily have to pay this much for the service? Mobile app development companies are cutting costs because of the economic meltdown or investors pulling out. And this could make it hard to set aside tens of thousands of dollars just for penetration testing, right? Moreover, without the right budget, how would you manage app security? Solution?