Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We all use passwords every day to sign in to our devices and online accounts. But that doesn’t mean they’re a perfect solution.

If you are a code publisher or software developer, your end-users need to trust your software that they download. You, a legit entity, must win their trust and confidence as the source of the file rather than any third party or any infiltrator claiming to be you. Also, they need to know that the code has not been tampered with by any hacker or has any malware inserted in it.

You’ve heard it time and time again: you need a strong password to keep your online accounts safe. Creating complex passwords can be complicated to remember, thats why having a password manager is crucial to remembering all your different passwords without the fear of forgetting your password or risking using an easy password which is guessable to hackers.

Anat Kleinmann, AlgoSec Sr. Product Manager and IaC expert, discusses how incorporating Infrastructure-as-Code into DevSecOps can allow teams to take a preventive approach to secure application connectivity.

Ransomware has been around for a long time — since 1989 — but has scaled up significantly since 2016. Author’s from Accenture and Google Cloud, in addition to our very own Vandana Verma Sehgal (from the Snyk Security Relations Team), recently released a white paper, Ransomware State of Mind: How to Better Protect Your Business, which details the current state of ransomware and solutions to address this growing problem.

U.S. Sen. Mark Warner (D-Va.) issued the 35-page report Cybersecurity on Patient Safety on November 3, which called the ongoing transition to better cybersecurity for the healthcare sector as being painfully slow and inadequate. This is despite the fact the healthcare sector is uniquely vulnerable to cyberattacks.

Cloud adoption is vastly increasing. Right now, 9o% of businesses are using or plan to use a multi-cloud environment. While the cloud, which refers to internet-accessed servers that are not directly managed by the business, can help organizations scale in a cost-effective manner, they also create new cybersecurity risks.

Kubernetes is a very complex product where creating and managing clusters requires a great deal of knowledge on a wide range of topics. The introduction of managed clusters brought simplicity to the process allowing users to focus on extracting the most out of the system. One of the areas of most interest and different configurations is authentication and authorization. In authentication, the main objective, and most critical of all, is to ensure the identity and validity of users and machines.

As the healthcare industry becomes more digitally inclined, there’s a need for systems to be put in place to avoid breaches in the security of data records. Most healthcare organizations are already embracing the DevOps (Development and Operations) model, but unfortunately, security seems to be neglected, resulting in data breaches and numerous cyber attacks on software and mobile applications.

Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could have cost them hundreds of their own currency.