Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

What is P3P Policy and How Does it Work?

Simply put, P3P helps websites to inform their visitors regarding their privacy practices in a standard format. In this article, we will explain what P3P policy includes and how it is useful for your organization. As of today, we all use the internet technologies on a daily basis. We read news, view pictures, acquire information, connect with our loved ones, conduct our business processes, do shopping and much more on the internet. For all these purposes, we visit websites.

Building on the IAM Benefits of SSO with MFA and Privileged Access Management

In part one of this post, we talked about why identity access management (IAM) is important. In that discussion, we identified three types of IAM: We discussed the different types of single sign on and some examples of what can be used to help streamline the user experience. Let’s now discuss how you can pair single sign on with other two types of identity access management.

The Importance of Implementing an Information Security Policy That Everyone Understands

Information security (IS) and/or cybersecurity (cyber) are more than just technical terms. They’re the processes, practices and policy that involve people, services, hardware, and data. In particular, IS covers how people approach situations and whether they are considering the “what if’s” of malicious actors, accidental misuse, etc. I’m not sure about your operations teams, but no one in any of mine, myself included, were able to read minds.

Five worthy reads: Privacy in pandemic management

Five worthy reads is a regular column on five noteworthy items we have discovered while researching trending and timeless topics. This week, we explore the data privacy challenges and concerns that have arisen during the COVID-19 pandemic. In the wake of COVID-19, the world has witnessed the power of technology.

What is Encapsulating Security Payload in Network Security?

Being one of the most popular tools used in network security, Encapsulating Security Payload (abbreviated as ESP) offers the help we need in keeping the integrity, authenticity and confidentiality of the information we send across networks. Keep reading to learn more! With the technological advancements, the way we conduct our business processes has changed immensely. Now, we heavily rely on the internet technologies and transfer massive amounts of data daily.

Bluetooth security risks explained

What would we do without Bluetooth these days? Our earbuds and headphones would have to use annoying wires. We would have one less way to transfer files between your laptop and your phone. And how would you connect your phone to your car? But as a wireless data transfer standard, of course Bluetooth has some associated cybersecurity risks.

CI/CD and the Promise of Agile Transformation

Continuous integration/continuous delivery, more commonly known as CI/CD, promises to help software companies become more agile by delivering software faster and more reliably. The goal of CI/CD is to reduce software development and delivery timelines from months or weeks down to days or even hours. It does this by pushing frequent updates and fixes regardless of size and using automation tools to help the process run smoothly.

Open Policy Agent user survey validates need for cloud native authz

We recently surveyed the Open Policy Agent (OPA) community to gauge use case adoption, pain points and generally help guide the project. The recent survey results reflect how much the community has grown over the past year. This time we received 204 responses from over 150 organizations across North America, Europe, Asia, Australia and Africa. Over 90% of respondents indicated they are in some stage of OPA adoption (e.g., pre-production, production, etc.).

Kubernetes Security: Lateral Movement Detection and Defense

What is Lateral Movement? Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs).