In April 2022 alone, there were 14.3m records breached due to 80 significant security incidents. These incidents make up a complex, shifting landscape of cyberattacks that require increasingly sophisticated defenses. While many of our methods are becoming more complex, some of our mechanisms are timeless, like the security whitelist. Also called an “allow list,” the security whitelist defines the permitted actions and blocks everything else.
In our fourth episode of the Future of Security Operations podcast, Thomas speaks with Johannes Gilger— CEO and founder of urlscan, a URL and website scanner that enables users to take a look at the individual resources that are requested when a site is loaded. Prior to founding urlscan, Johannes managed the Threat Intelligence Automation team at CrowdStrike.
The cloud offers agility and speed for DevOps teams. Being able to spin up environments and create applications in a fraction of the time previously required helps organizations launch new capabilities for customers, employees, and vendors quickly. For most companies, this means reduced time to market and the ability to recognize revenue faster.
The threats facing databases today are numerous and constantly evolving as the perimeter continues to fall away in favor of multi-cloud environments. This change means organizations must adopt an in-depth, data-centric security approach that includes a program designed from the ground up to protect databases.
Email security is not a simple check-box item. The need to have a strong email security solution in place has never been greater. Email is ubiquitous, and the average employee receives so many emails on a daily basis that they often open and click on messages without giving a second thought to any potential problem they might pose. This means an organization must have an email security solution in place to find and block suspicious emails before someone mistakenly clicks on a link.
The MITRE ATT&CK matrix revolutionized security, providing a common language and taxonomy for companies and security vendors to use when talking about and measuring cybersecurity, with an emphasis on adversary behaviors. However, building a defensive strategy using this insight can be overwhelming due to its 14 tactics, 191 techniques and 386 sub-techniques, and often thousands of implementation procedures for each technique that change constantly.
It may surprise you to learn that new research by CompTIA finds only 30% of the cyber workforce is in the 19-34 age group, with 52% between 35 and 54.
In the past, responsibility for data privacy and security fell on non-development teams, like IT, security or compliance. But this is changing. Thanks to the adoption of cloud native technologies and trends like policy-as-code, developers are more focused on security than ever. According to the Styra 2022 Cloud-Native Alignment Report, over half of developers think their organization should enhance its data privacy efforts in the next 12 months.
Data is an integral part of any organization and hence it is important to respond to and recover it from any crisis. With the onset of the COVID-19 pandemic, the need for data security and cyber resiliency is evident. Cyber resiliency is the ability to prepare for, respond to, and recover from cyber-attacks and data breaches while continuing to operate effectively.
In early April, the tech industry witnessed a major GitHub security incident targeting GitHub organizations using Heroku and Travis CI. GitHub was made aware of this threat via an attack leveraging AWS API keys to GitHub’s own npm production infrastructure. As upstream security risks within SaaS platforms become more common, organizations that leverage these platforms are relying on tools like Nightfall to protect themselves.
