Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

How Better Planning Can Save Your Business From A Data Breach

2019 was the worst year on record for data breaches by a long shot, increasing by nearly 79% from 2018. Billions of records were compromised as bad actors exploited vulnerabilities and insiders accidentally and maliciously compromised customer and company data. Unfortunately, the record won’t last long. As we approach the halfway point in 2020, this year is already on pace to be the most devastating year ever for data breaches.

The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity

Ships are increasingly using systems that rely on digitalization, integration, and automation, which call for cyber risk management on board. As technology continues to develop, the convergence of information technology (IT) and operational technology (OT) onboard ships and their connection to the Internet creates an increased attack surface that needs to be addressed.

Secure remote access explained

As the business world adjusts to the chaotic landscape of today’s economy, securing access from remote devices and endpoints has never been more critical. Equally critical is the requirement for organizations and their employees to practice good security hygiene. With the rising number of endpoints (laptops, servers, tablets, smartphones) requiring access to corporate networks, the range of attackable targets for malicious actors has broadened substantially.

Why is Dynamic Analysis an Important Part of Your AppSec Mix?

By now, most are familiar with the concept of DevSecOps. With DevSecOps, application security (AppSec) is moved to the beginning of the software development lifecycle (SDLC). By scanning earlier in the SDLC, you are able to find and fix flaws earlier. This can result in significant time and cost savings. Most organizations understand the importance of static analysis, which scans for flaws during development, but dynamic application security testing (DAST) is just as important.

What is Corporate Espionage?

The term “espionage” often brings images of double agents and covert undercover missions to mind. This is how espionage is depicted in the movies, but in real life, it can take on many other forms. Businesses may not need to worry about James Bond spying on their company, but they should be concerned about corporate espionage. Corporate espionage, often referred to as industrial espionage, is the practice of spying for financial or commercial gain.

Unfolding the Twitter security incident

In case 2020 wasn’t dystopian enough, here’s some more unbelievable news. On July 15, 2020, social media giant Twitter admitted it fell victim to a security breach. The attackers targetted 130 Twitter accounts, including several belonging to high-profile individuals such as elected officials; former president Barack Obama; and business leaders including Bill Gates, Jeff Bezos, and Elon Musk.

Featured Post

The ISO 9000 Family As It Relates To Operations

In a world where customers gravitate towards the best products and services, upholding high levels of quality as a business is a no-brainer. Being quality-centric in all your business processes ensures you can steer away from common errors. It can also improve your overall productivity as well as improve your customer retention rates. While there are various standards you can follow to improve the quality of your daily operations, the ISO 9000 standard remains to be one of the best. Even better, it is recognized globally, which could make it easier to do business the world over. The ISO 9000 family consists of five standards.

Finding problems that matter

See their previous blog for more! Towards the end of the 19th century, large cities like New York were facing a vexing problem so devastating that many questioned whether such cities could be sustained at all. People could no longer cross the street without assistance, stumbling was a common problem, disease was spreading, and even those issues had nothing on the horrendous stench emanating from every corner. We are talking, of course, about horse manure.

Dynamic Application Security Testing: DAST Basics

Application security testing (AST), which are tools that automate the testing, analyzing, and reporting of security vulnerabilities, is an indispensable part of software development. In a modern DevOps framework where security is shifted left, AST should be thought of as compulsory. And this has never been more important when you consider that Forrester reports the most common external attack method continues to be application weaknesses and software vulnerabilities.

Announcing Veracode Security Labs Community Edition

We recently partnered with Enterprise Strategy Group (ESG) to survey software development and security professionals about modern application development and how applications are tested for security. The soon-to-be-announced survey found that 53% of organizations provide security training for developers less than once a year, which is woefully inadequate for the rapid pace of change in software development.