Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

3 tips for effective developer security training

“This is the golden era of application security,” says Founder of Manicode Security and secure coding trainer Jim Manico on episode 26 of The Secure Developer podcast. Ten years ago, Manico says, security training was “a quirky thing to do — something to do on the side.” Now, assessment tools are mature, good literature on assessment makes knowledge more accessible, and a wide range of intelligent people are building secure applications.

'Tis the Season for Online Shopping and Phishing Scams

The 2022 holiday shopping season is here. Retailers’ discounts are kicking off early, and shoppers are eager to spend, especially with big price markdowns to come as the season progresses. And with the COVID-19 pandemic still a concern to shoppers, more people are expected to shop online this season. What this also means is that as consumers whip themselves into a shopping frenzy, cybercriminals have activated their seasonal scams to try and steal money or personal information.

What is RCE in Kubernetes?

A detailed overview of Remote Code Execution (RCE) attacks, how they affect Kubernetes infrastructure, and how the vulnerabilities of K8s systems can be mitigated. Remote Code Execution (RCE) is a vulnerability in systems that cybercriminals can exploit to perform attacks. In RCE attacks, hackers execute malicious code in target systems remotely, irrespective of their location on the network. That’s because they don’t need the target systems to have the execution functionality.

See technologies on the attack surface plus updates to Attack Surface Custom Policies and API keys

Keeping track of what technologies are being utilized across your attack surface has become virtually impossible as a result of the pace of innovation, developer methodologies, and many other factors. Questions such as “Where am I hosting all of my WordPress sites?” or “What 3rd-party software is it using?” often go unanswered because of the sheer number of domains organizations now have to monitor.

Bypassing 2FA Authentication with Evilginx2

Due to the increasing number of cyberattacks, particularly zero days, organizations are scrambling to obtain the best security services available. While even the smallest organization might feel that implementing Two-Factor Authentication (2FA) will keep its data secure, a targeted attack from a nefarious threat actor could lure an employee into clicking and opening a malicious document.

Wi-Fi in WatchGuard Cloud - Unboxing the AP332CR

Watch as Sr Sales Engineer, Martin Lethbridge, unboxes WatchGuard’s AP332CR and offers tips for connecting it to a network. IP67-rated and designed for mid-density, rugged/outdoor deployments, the AP332CR includes a dual-band radio with four external, omnidirectional antennas offering up to 1.2 Gbps on the 5 GHz band. Utilizing WatchGuard Cloud for deployment and configuration, the AP332CR offers a seamless experience with Wi-Fi 6 performance and WPA3 encryption.

The Essential Guide to Data Loss Prevention (DLP) in Jira

The Atlassian ecosystem provides thousands of companies with the ability to collaborate remotely through powerful, feature-rich SaaS applications like Jira. As such tools become the norm across companies, big and small, the amount of sensitive information stored in these systems will increase. This means that organizations need to prioritize minimizing the risk of exposure within cloud environments.