Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Dr. Eric Cole, former CISO and founder of Secure Anchor Consulting, explains how learning to communicate with business language can create a more compelling case for executive buy-in.

Jeff Darrington is back and he giving you a quick lowdown on logging Sysmon events through Graylog Illuminate.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Security leaders are facing a trifecta of challenges: more sophisticated and frequent cyber attacks, expanding regulations and government mandates, and organizational leaders seeking risk management assurances. CISO’s SecOps and VRM teams need complete visibility to threats across their entire attack surface, with insights to take immediate action, and timely reporting for key stakeholders. SecurityScorecard empowers you to see and understand cybersecurity risk in your organization and across your ecosystem with 360° visibility and seamless workflow integration with your security stack.

In (probably) the last in our series on ransomware, we take you through the latest ransomware attacks on businesses over the last week and - importantly - we share our expertise on the most effective ways to protect your business against a ransomware attack.

Becoming PCI DSS compliant can be a long journey and we like to begin, possibly controversially, with requirement 12 of the 12 PCI DSS Compliance Requirements. This requirement includes information security governance and there's a lot in there about your security policies. Why begin here, you might ask? Well, watch on...

How does a team-centric collaboration focus change how a team maintains the security of the code? In this fireside chat, Patrick Debois, Snyk Labs Researcher, joins Anders Wallgren, Vice President of Technology Strategy at CloudBees. to explore this theme. They discuss what's new and changing with application security and what have we learned from DevOps that organizations can and should apply to DevSecOps.

We have been witnessing an ever-growing amount of supply chain security incidents in the wild. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE. Recently, Snyk has discovered and disclosed vulnerabilities that pose a real and imminent threat to developers who use these extensions. The potential compromise is so significantly severe that a remote code execution on a developer’s machine is possible by simply tricking the developer to click a link.