For enterprises that have at least some part of their IT environment in the cloud, the key to protecting data starts with understanding the layers of the cloud stack and their corresponding security risks. Each layer has its own unique threat potential, and when IT teams understand how data transacts at each layer, they can take appropriate measures to safeguard against those threats. One of the most common is ransomware.
APIs are everywhere within your organization. Many may be internal, but we’re willing to bet there are many third-party web services and APIs that your business depends on too. Keeping track of them all, and ensuring that your team chooses the best APIs for their needs can be a challenge. In some cases, your organization may be using an API they don’t even know about. The solution to this “web of APIs” is to apply the concept of API governance to your API dependencies.
This post will show you how Coralogix can provide analytics and insights for your Okta logs, both performance, and security. Okta is one of the leading Identity provider platforms in the world, offering a variety of cloud services including a Single Sign-On solution to manage and secure company user authentication with 3rd party applications.
The increasing adoption of cloud applications and an expanding remote workforce are redefining network security. In a traditional setting, the emphasis was on perimeter-based security—assuming that everything behind the corporate firewall is safe. However, it’s clear that organizations have to rethink the philosophy of implicit trust in a corporate network.
The COVID-19 pandemic has unveiled numerous vulnerabilities and shortcomings in the airline industry. What’s worse for aviation in particular over other industries is how airports have essentially served as the portal for the virus traveling from one country to another across the globe. As a result of severe travel restrictions implemented by nearly every country, airline companies have been hit hard and forced into a dire financial situation.
The information security landscape is constantly evolving, which is why it's so important to stay up to date with the latest trends, threats, and advancements. Given that a Google search for cybersecurity websites produces millions of results, we thought we thought we'd compile a list of the best. Adam Shostack & friends is a group blog on security, liberty, privacy, and economics.
Most malware these days has some level of Command and Control. This can be to exfiltrate data, tell the malware what instructions to execute next, or download encryption keys in the case of ransomware. In each case of command and control, the attacker is accessing the network from a remote location. Having insight into what is happening on the network is going to be crucial in addressing these techniques.
With the help of breath taking technological advancements, the majority of our communications are conducted online. That is why encryption techniques are more important than ever. Keep reading to learn more about encryption techniques and identity based encryption.
In many cases, penetration testing – a type of ethical hacking engagement designed to identify and address security vulnerabilities in networks, systems and applications – is required. Sometimes this requirement is specified directly, while in other cases it is implied by a need to build audit or assessment processes to mitigate cyber risk. This blog identifies some of the most common pen testing standards and regulations and provides guidance about the type of testing required.
