Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)

Data destruction is an aggressive attack technique observed in several nation-state campaigns. This technique under MITRE ATT&CK 1485, describes actions of adversaries that may “..destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources. Data destruction is likely to render stored data irrecoverable by forensic techniques through overwriting files or data on local and remote drives”.

Customize Xray DevSecOps With Private Data

For some organizations, even the best isn’t quite enough. That’s why JFrog Xray provides a way for you to specify your own additional data, to detect even more sensitive issues in your binaries before they can reach production. JFrog Xray is a tool for DevSecOps teams to gain insight into the open source components used in their applications.

vPenTest: Real-Time and Automated Network Penetration Test Platform

vPenTest is an automated and full-scale penetration test platform that makes network penetration testing more scalable, accurate, faster, consistent, and not prone to human error. Using vPenTest, organizations can now perform a penetration test at any time, allowing network administrators to evaluate their risks to cyber attacks in nearly real time.

SecurityScorecard Alternative for Managing Cybersecurity Risk

There are many SecurityScorecard alternatives that offer the same core functionality your organization needs to successfully manage first-party, third-party and fourth-party risk. SecurityScorecard is one of the most well-known security ratings platforms but let's look at an alternative and see how they stack up. These security ratings providers are promising to reduce cybersecurity risk by continuously monitoring the security posture of any company in the world, instantly and non-intrusively.

PlanetDrugsDirect reveals security breach, warns customers their data may have been exposed

Canadian online pharmacy PlanetDrugsDirect.com has contacted customers warning them that their data might have been exposed in what they euphemistically describe as a “data security incident”. In an email seen by Bleeping Computer, the website warned that exposed personal data could include the following: The email is, unfortunately, somewhat lacking in detail – meaning that concerned customers may have to contact PlanetDrugsDirect via email or telephone to ask questions.

Working Remotely: Insights from the Bearer Team

Bearer's co-founders Guillaume and Cédric are big advocates for remote work. Both have written about the advantages and challenges in the past on the Bearer Blog, but today I want to share some thoughts from our team on what it's like working for a distributed, fully remote company. A few main trends came up. Some expected, and a few surprising.

Working remotely: Insights from the Bearer team

Bearer's co-founders Guillaume and Cédric are big advocates for remote work. Both have written about the advantages and challenges in the past on the Bearer Blog, but today I want to share some thoughts from our team on what it's like working for a distributed, fully remote company. A few main trends came up. Some expected, and a few surprising.

13 Security Alerts and Visualizations for VPC Flow Logs

AWS VPC Flow Logs record details about the traffic passing through your application, including requests that were allowed or denied according to your ACL (access control list) rules. It also has information about the IP addresses, and ports for each request, the number of packets, bytes sent, and timestamps for each request. This information brings deep visibility and the ability to improve your security posture over time.