Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With any IT environment, especially the public cloud, security is a top concern and priority. When leveraging the public cloud, one of the most important steps to ensuring a protected environment is recognizing the shared responsibility model, as it delineates the security obligations between the cloud provider and your organization.

In the age of digital collaboration and cloud computing, access control is a critical security tool. It is crucial to ensure that only authorized users have access to the appropriate information in order to effectively manage security, adhere to privacy and industry regulations, and safeguard intellectual property (IP) for competitive advantage.

Upgrade your PostgreSQL instance to the newest version with confidence! In this benchmarking blog post, we show you the performance improvements you can expect when upgrading from PostgreSQL 13 to 16.

MuddyWater deploys BugSleep malware, researchers discover malicious files on the npm registry, and Void Banshee exploits a Microsoft MHTML flaw.

In today's rapidly evolving digital landscape, organizations face the critical challenge of maintaining robust data security while ensuring seamless access and collaboration. As businesses become increasingly digitized, the volume of sensitive and confidential information shared across departments, with suppliers and partners, has skyrocketed. This digital transformation brings numerous benefits but also heightens the risk of data loss, leakage, and unauthorized exposure.

In today's digital landscape, businesses heavily rely on third-party software for their daily operations. This reliance has led to a surge in software supply chain attacks, which are becoming increasingly prevalent and sophisticated. These attacks exploit vulnerabilities in external tools or services to gain unauthorized access and compromise systems.

As we are all very aware, being a technical person or layman, the recent CrowdStrike outage caused disruptions on a myriad of systems worldwide, affecting multiple industry sectors and millions of people in some way, shape, or format.

Earlier this year, we announced Bitsight’s next-generation internet scanning, Bitsight Groma, and AI-powered discovery and attribution technology, Bitsight Graph of Internet Assets (Bitsight GIA). While these technologies work as partners in the Bitsight Cyber Risk Data Engine to create a dynamic map of internet infrastructure, it is helpful to separate them out to understand their unique contributions.

In the early morning of July 19, a software update to CrowdStrike’s Falcon sensor started to cause one of the most extensive IT outages in history, affecting several industry sectors, including financial services, healthcare, transportation, and others. According to CrowdStrike, the outage stemmed from “a defect found in a Falcon content update for Windows hosts.” At this point, the software update has not affected Mac and Linux systems.

Log on as a batch job policy determines the accounts permitted to sign in through a batch-queue tool like the Task Scheduler service. When you schedule a task using the Add Scheduled Task Wizard, assigning it to run under specific credentials, that user is granted the right to log on as a batch job. At the designated time, the Task Scheduler service logs in the user as a batch job rather than an interactive user, executing the task within the user’s security parameters.