Blog

Top 7 API Security Risks (including prevention tips)

In this app-driven world, APIs are the infrastructure providing highways for ensuring smoother transport of sensitive data. Insecure APIs add to the top security risks faced by web applications and act as an easy invite for hackers. Just because APIs deal with data at the backend does not mean they are hidden from plain view and are safe. This article provides you with an API security checklist that can be used as a basic benchmark before the release.

Fighting Cybercrime: We Are Stronger Together than We Are Individually

As a cybersecurity professional, how numb have you become to vendors who try to scare you with frightening statistics in an effort to sell you a new product? It is understandable that a vendor has to present as much information in a limited amount of attention-grabbing time, so their doomsday technique makes some sense. Perhaps the vendors’ approach is faulty, as the numbers are quite frightening indeed. There is definitely a larger point to be made.

What Is HIPAA Compliance: Guidelines for Becoming Compliant

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. law designed to protect individual privacy by establishing national standards for maintaining sensitive patient health information and medical records. HIPAA compliance rules incorporate requirements from several other legislative acts, including the Public Health Service Act and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

Don't get overwhelmed with trivial defects. Manage them!

Misuse of security tools can lead to defect overload for development teams. Knowing when and how to use these tools will yield more effective DevSecOps. It is a long-time mantra of security experts: There is no single, magical software testing tool or technique that will find every defect or flaw that developers should fix when they are building an application or any of the many things powered by software.

What's the Difference Between Penetration Testing and Vulnerability Scanning?

Is your network secure from outside attacks? What steps is your organization taking to keep its intellectual property and client data safe? Penetration testing and vulnerability scanning are two tools that can help identify gaps in your network security. In this article, we’ll look at how you can use these tools to evaluate your company's risk factors and whether penetration testing or vulnerability scanning is the right solution for you.

Stop Enforcing Security Standards. Start Implementing Policies.

In days gone by, highly regulated industries like pharmaceuticals and finance were the biggest targets for nefarious cyber actors, due to the financial resources at banks and drug companies’ disposal; their respective security standards were indicative of this. Verizon reports in 2020 that, whilst banks and pharma companies account for 25% of major data breaches, big tech and supply chain are increasingly at risk.

How to Monitor User Activity

Every company monitors their employees to some extent. In the past, companies may have relied solely on time sheets and surveillance footage to keep an eye on their employees. But these tools cannot be used to track what employees are doing on their company-owned computers, smartphones, and tablets. To monitor these devices, managers must turn to more sophisticated tools such as monitoring software.

Top 10 Most Critical CVEs Added in 2020

Our global community of hand-picked Detectify Crowdsource ethical hackers are the reason we are able to automate security research so quickly to protect web applications from attack. This past year, we received a record 1300+ submissions from the community including over 180 zero-day vulnerabilities! Every module and security test we build from these hacker-submitted vulnerabilities helps us make the internet more secure.

How Netskope Can Help with Your 10 Critical Security Project - Nos. 3-4

The annual list of top security projects from Gartner provides key insights on where security leaders should focus their limited time and resources to be the most effective at protecting their data, users, and infrastructure. Netskope provides value for each of the top 10 recommended security projects for this year and next, including many critical capabilities. This blog series will highlight each Gartner recommendation and how Netskope specifically can help.