Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Empowering Developers in AppSec: Scaling and Metrics

This is the second instalment of a two-part blog post. The blogs are based on one of our “AppSec Talk” YouTube videos, featuring Kondukto Security Advisor Ben Strozykowski and Rami McCarthy, a seasoned security engineer with experience at Figma and Cedar Cares. In that video, Ben and Rami delved into the critical role developers play in the security program and the application security lifecycle.

What is the KEV Catalog?

With external threats looming as a constant source of potential disruption, multiple government agencies have coordinated to compile a catalog of Known Exploited Vulnerabilities (KEV). The Known Exploited Vulnerabilities Catalog, or KEV catalog, is a database of actively exploited vulnerabilities, including those that have been exploited by ransomware campaigns, that can help application security professionals in the public and private sectors monitor threats and prioritize fixes.

Secure your Elastic Cloud account with multifactor authentication (MFA)

In an era where cyber threats are constantly evolving, protecting your identity and data from unauthorized access is more critical than ever. That's why we're excited to bring you the enhanced multifactor authentication (MFA) for Elastic Cloud. This feature significantly strengthens the security of your Elastic Cloud user and deployment data by aligning with industry best practices. You can go to Elastic Cloud and complete your MFA setup today.

Prioritize Security Without Sacrificing Productivity: Balancing Identity Management and Risk Tolerance

In the fast-paced, large-scale world of digital business, establishing and managing an acceptable risk tolerance related to user identities — both human and machine — is a critical element of organizational security. At the forefront of this challenge is the need to strike the right balance between ensuring robust security and maintaining an environment that doesn’t impede innovation. After all, identities are the new perimeter in the cloud.

Harden your LLM security with OWASP

Foundationally, the OWASP Top 10 for Large Language Model (LLMs) applications was designed to educate software developers, security architects, and other hands-on practitioners about how to harden LLM security and implement more secure AI workloads. The framework specifies the potential security risks associated with deploying and managing LLM applications by explicitly naming the most critical vulnerabilities seen in LLMs thus far and how to mitigate them.

Egnyte for Google Workspace: A Secure and Seamless Collaboration Environment

Google Workspace is a popular suite of cloud-based productivity and collaboration tools that enables users to create, co-edit, and share documents, spreadsheets, presentations, and more. While Google Workspace has many benefits, more than the platform is needed to meet the needs of businesses looking for more control, security, and governance over their critical content. They need a partner solution that integrates seamlessly with Google and prioritizes secure content collaboration - in comes Egnyte.

What Are Deepfakes?

A deepfake is a form of media, such as a photo or video, generated by Artificial Intelligence (AI) to depict real or non-existent people performing actions they never did. AI manipulates a picture, video or voice recording to analyze a person’s characteristics and then blends those characteristics with existing footage using unique algorithms.

Examples of Personally Identifiable Information (PII)

Some examples of Personally Identifiable Information (PII) include your phone number, email address, license plate number, birth date, Social Security number (SSN) and medical records. Many aspects of your identity can be considered PII, so it’s important to understand what they are and how to protect them. Continue reading to learn how you can protect your PII from falling into the wrong hands and how Keeper can help.

Snort Rules 101: Examples & Use Cases for Snort Network Defense

Imagine you're responsible for the security of a bustling network, constantly under threat from bad actors looking to exploit any vulnerability. How do you keep up? Enter Snort, a powerful open-source tool that acts as your network’s watchdog, scanning for potential threats and alerting you when something seems off. In this guide, we'll break down how Snort works, focusing on the critical rules that make this tool effective at protecting your network.