What's new in UpGuard // Cyber Vendor Risk Management Product Releases
Check out the latest product releases from UpGuard!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Zoom. Enhance!: Finding Value in Macro-level ATT&CK Reporting
With cyberattacks growing in scale and complexity, it has never been more difficult to figure out where to invest your time and defensive resources. This remains the core challenge of optimizing an effective security organization. A good prioritization approach should be data-driven, and informed by real attacker activity.
Top 20 Worst HIPAA Violation Cases in History
Over the years, there have been countless cases of HIPAA (Health Insurance Portability and Accountability Act) violations, which can result in significant financial penalties. Most are directly linked not to accidental employee misconduct or malicious intent but to a lack of understanding of HIPAA standards by healthcare organizations. Most cases involve poor implementation of security controls or lack of risk assessment auditing, to save money and avoid costly auditing.
What's in your build? Building Images in OpenShift with Artifactory and JFrog CLI
Red Hat OpenShift is an enterprise Kubernetes container platform. It lets you build Docker images and use them to deploy your applications on a cloud-like environment (even if it’s not really on the cloud, rather a simulated cloud environment). Images built in OpenShift can be easily pushed into JFrog Artifactory – JFrog’s leading universal repository manager.
Log4j/Log4Shell One Year Later: Endemic Vulnerability Indeed
On December 9, 2021, Apache upended the cybersecurity industry by publishing a zero-day vulnerability (CVE-2021-44228) for its ubiquitous Log4j logging utility. Dubbed Log4Shell, the remote code execution flaw (CVSS score:10) allows an attacker to take control of a connected device and run malicious code, access sensitive data or alter its configuration. Because Logj4 is free and easy-to-use, it’s embedded (often deeply) in Java applications used by IT and OT platforms worldwide.
Defragging database security in a fragmented cloud world
Security can often be distilled down to protecting data. And with microservice-driven applications, the approach to cloud database security has evolved quite dramatically. Beyond just securing data in the cloud, it’s now also difficult to know where the data resides, where the data is flowing, and how this data should be classified.
Coffee Talk with SURGe: Splunk GovSummit, NIS2, Cyber Collaboration Program, Exercise Crossed Swords
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Kirsty Paine for a special episode of Coffee Talk with SURGe, live in Washington, DC for GovSummit. The team from Splunk will discuss the latest security news, including: The episode also features a special GovSummit segment featuring Splunk CEO Gary Steele and Juliana Vida, Splunk's Chief Technical Advisor for the public sector.
This Month in Datadog: Cloud SIEM Investigator, API Catalog, Expanded AWS Coverage, and more
Datadog is constantly elevating the approach to cloud monitoring and security. This Month in Datadog updates you on our newest product features, announcements, resources, and events. This month, we put the Spotlight on Universal Service Monitoring..
Stranger Danger: Your JavaScript Attack Surface Just Got Bigger
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
The Secrets to a Successful Career in Cyber Security
In this video, I'm sharing with you the secrets to a successful career in cyber security. Cyber security is one of the fastest-growing sectors, and there are plenty of opportunities for skilled professionals. If you're interested in a career in cyber security, then you need to watch this video! I'll share with you everything you need to know to get started in this exciting field. From the basics of cyber security to what employers are looking for in a cyber security candidate, this video will help you build a successful career in cyber security.