In the ever-evolving landscape of cybersecurity, the collaborative effort between the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) in issuing five joint Cybersecurity Information Sheets (CSIs) marks a significant milestone in guiding organizations towards secure cloud adoption. These documents serve as a testament to the critical nature of securing cloud services in an era where digital transformation is not just an option, but a necessity.

In 2022 alone, there was a staggering 70% increase in malicious events across all public clouds. And cybercriminals are specifically targeting one of the most critical assets of any organization - its data. According to an 2023 IBM report, 82% of breaches involved data stored in the cloud. So this begs the question, which tools do defenders have at their disposal to address these mounting threats?

To kick off season 5 of the Future of Security Operations podcast, I’m joined by Mandy Andress. Mandy is the Chief Information Security Officer at Elastic, a leading platform for search-powered solutions, and has more than 25 years of experience in information risk management and security. Before Elastic, Mandy led the information security function at MassMutual and established and built information security programs at TiVo, Evant, and Privada.

In a testament to the power of global collaboration, Device Authority recently witnessed the convergence of its US and UK teams in two distinct yet complementary gatherings. Amy Chu, VP Customer Success, chronicles the enriching experiences of the US team’s face-to-face summit, while Darren Cubbage, Engineering Manager, provides insights into the unity and inspiration emanating from the 2024 UK Company Get-Together.

Just as the heart keeps the body going, unseen and often not thought about unless something goes wrong, so do proxies serve as the hidden engines that power the bustling world of online retail. They are the invisible assistants that work hard to ensure the storefront—that shiny website filled with enticing products—remains the focus of our shopping experience.

The Payment Card Industry Data Security Standard (PCI DSS) was published over 15 years ago and in that time has undergone a series of revisions as technology, the threat landscape and information security best practices have changed.

The Department of Defense (DoD) has embraced the Zero Trust Architecture to enhance its resilience against evolving threats. ThreatQ emerges as a strategic ally, aligning seamlessly with the Zero Trust principles. This blog sheds light on the pivotal role of ThreatQuotient in fortifying threat detection, investigation, and response while minimizing redundancy and noise.

Imagine a site engineer visiting a construction site to inspect the progress of the project. Using his mobile device, the engineer captures images of specific areas that require attention, noting aspects like structural details, design modification, or areas that need immediate review and action. The engineer uploads the images into the project folder on Egnyte and shares it with the architect for quick feedback on the changes to be made.

Among other things, the OWASP organization delivers reports on the Top 10 most prevalent and important security risks for web-based software development. In 2019 they started reporting on the Top 10 API Security risks and refreshed that list in 2023. In this blog we describe how OPA/Styra can help with 9 of the 10 risks, and for each one we rate how impactful OPA/Styra is: Below we detail each of these 10 risks and briefly how to address them with OPA and Styra.

Compliance in healthcare is a critical component to preserving the sanctity of modern society. Compliance in any industry ensures adherence to a minimum set of requirements to ensure quality of service; while undoubtedly important everywhere, it’s more so in healthcare due to its direct impact on human lives. For example, while financial compliance secures the safety of our funds, healthcare compliance ensures the safety of our personal selves.