Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

How Healthcare Can Combat Cybercrimes? | Appknox

One of the most crucial things for the healthcare sector during the ongoing global pandemic, amidst many other competing priorities, is keeping a check on its cybersecurity measures. During the first half of 2020, HHS or the Department of Health and Human Services recorded a 50% increase in cybersecurity breaches in the field of healthcare itself.

Using SIEM for Simplifying PSD2 Compliance

In today’s dynamic world, the fifth generation of global wireless technology (or as we know it, 5G) is driving innovation in the financial sector, and the global pandemic is changing everyone’s lifestyle and payment habits, online payments become more and more important. Against this backdrop, the most dominant tendencies are mobile and online banking, as well as investment banking.

The State of Cloud Native Application Security survey-2021

Cloud native application security—or CNAS for short— is our passion here at Snyk. CNAS focuses on the security of your code, open source dependencies, container and infrastructure as code. Snyk is expanding on our annual State of Open Source Security report, by adding a new report in which we take a holistic view of the overall application developers work with on a day to day basis.

CloudCasa Security Overview

As a developer of copy data management and data protection products for 20+ years, Catalogic Software has considerable experience in securing and protecting our customers’ data. For our new CloudCasa backup service for Kubernetes and cloud native databases, security is built into every step of the service using a modern DevSecOps approach. In addition, we are adding new capabilities to meet specific enterprise security and data custodian and governance requirements.

Detecting MITRE ATT&CK: Defense evasion techniques with Falco

The defense evasion category inside MITRE ATT&CK covers several techniques an attacker can use to avoid getting caught. Familiarizing yourself with these techniques will help secure your infrastructure. MITRE ATT&CK is a comprehensive knowledge base that analyzes all of the tactics, techniques, and procedures (TTPs) that advanced threat actors could possibly use in their attacks. Rather than a compliance standard, it is a framework that serves as a foundation for threat models and methodologies.

Embracing the Digital Shift: Implementing DevSecOps in the Cloud with AWS

To keep up with increasing time and productivity demands in software development, it’s important that organizations are staying on top of their digital shifts through rapid technology adoption and the prevention of common snags in application security (AppSec).

REvil, Ryuk and Tycoon Ransomware: How They Work and How to Defend Against Them

It is the Tuesday morning after a long weekend. You come into work early to get caught up on emails only to find you are completely locked out. You have been hit by a ransomware attack. You ask yourself, “What happened? And how do I fix it?” This post will explore three of the most significant ransomware families of 2020: Tycoon, Ryuk and REvil.

Don't get attached to your attachment!

As a product manager, I am always concern about the value my customers will get from the product, and this is my main focus. In order to achieve this, I often meet with customers and talk about pain points, problems,offer a solution, see how the product can help. In the past few years, one of the items that get raised in these discussions is not related to any pain pointor feature requirement, it is the attachment method when dealing with K8s security.

Next Level Automation: What's New with Splunk Phantom

Splunk Phantom 4.10 introduced many new enhancements, including the ability to develop playbooks in Python 3. In fact, Python 3 is now the default for Splunk Phantom playbooks. In doing so, we needed to create two different “playbook runners” to ensure we could continue to support playbooks written in Python 2.7 while also supporting Python 3.