This is Part 4 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Performing Security Assessments is one component of security operations that every organization does, or at least should do. However, deciding what type of assessment to conduct can be challenging. After all, there’s a long list of assessments that can be useful in providing insights into your security architecture and operational performance.

If you’ve heard of ransomware attacks in the news, you’ll know they can result in big losses for big businesses. But the fact is that organisations of any size can fall victim to an attack, and often the smaller your business is, the more severe the impact.

Cybercriminals are increasingly using new evasion strategies in their attacks in order to disable or alter company security controls. This year, there has been a surge in the use of hunter-killer malware that seeks to identify and eliminate enterprise defenses such as firewalls, antivirus, and next-generation EDR technologies. A recent report reveals a massive 333% increase in this type of malware.

In our interconnected world, the real estate industry has embraced technology to revolutionize its operations, enhance customer experiences, and streamline business processes. Yet, while this technological evolution has brought immense benefits to the property sector, it has also attracted the attention of nefarious actors keen on exploiting vulnerabilities.

While third-party products and services are crucial to everyday business operations for almost any company, they also present significant security concerns, as high-profile attacks including SolarWinds and MOVEit laid bare. Trustwave research shows the attacks vary by industry but also makes clear the best defense is the stringent application of the latest security measures, including penetration tests, vulnerability scans, and managed detection and response (MDR) services.

Earlier this year Jit announced Software Bill of Materials, which catalogs every open source component in your codebase – making it easy to understand if you are using an open source component that is impacted by a newly disclosed security vulnerability. With our new release of Open Source License Detection, you’ll also be able to detect the associated license of each open source component in your codebase.

There's no doubt that no organization wants to be the victim of a cyber attack, but even the most security-minded entity can find itself caught off-guard or exposed when a zero-day exploit is discovered.

As attack vectors expand due to architectural changes, such as distributed cloud deployment, APIs, and multiple access mechanisms, modern apps are under increasing threat. Additionally, with an ever-growing feature set, rapid release cycles, and dependency on third-party libraries, security is impacted at every application stage of the SDLC. Application-layer attacks have spiked by as much as 80% in 2023.

AI chatbots such as OpenAI’s ChatGPT, Anthropic’s Claude, Meta AI and Google Gemini have already demonstrated their transformative potential for businesses, but they also present novel security threats that organisations can’t afford to ignore. In this blog post, we dig deep into ChatGPT security, outline how chatbots are being used to execute low sophistication attacks, phishing campaigns and other malicious activity, and share some key recommendations to help safeguard your business.

Successful software projects are managed well. To manage a project efficiently, the manager or development team must choose the software development methodology that will work best for the project at hand. All methodologies have different strengths and weaknesses and exist for different reasons. Here’s an overview of the most commonly used software development methodologies and why different methodologies exist.