Automation is a key component of DevSecOps because it increases efficiency. Automating work in your software development lifecycle helps you integrate multiple tools into your workflow. It also lets developers, maintainers, and security champions focus on coming up with creative solutions for tough problems, rather than spending time on tedious manual tasks.
Over the past week, the WhiteSource security team has found several instances of packages that use unusual techniques to disguise malicious intent. These techniques differ from what we have usually seen in the past, such as base64 and JS obfuscation. This time, we are seeing a malicious actor use hex encoding to hide the malicious behavior of the package.
Let’s face it. The information security industry loves a new acronym. For industry long-timers, a new acronym might be just the latest reason for an eye roll. For folks new to the field, it can be very confusing. A constructive way to look at XDR — extended detection and response — is as an opportunity to take a fresh look at some old problems and gain clarity.
This blog is part three in a series about identity-based access and management of AWS resources. In Part I, we covered how to use OSS Teleport to access Amazon EC2 instances running in private subnets. Part II explained implementing identity-based access via SSO integration with Okta. In Part III, we will guide you through the steps to configure privilege escalation for just-in-time access requests.
According to the 2021 Devo SOC Performance ReportTM — which is based on the results of a survey of more than 1,000 security practitioners — having an understaffed SOC or constant turnover of security talent can cripple an organization’s security posture. Let’s look at some of the root causes that can lead to these two interconnected problems.
The world has changed. The COVID-19 pandemic has dramatically increased the number of teams that are working with a remote and distributed model. This change is a welcome acceleration of what many feel would have been the eventual outcome of our digital future. With this new model comes a new and changing set of security challenges.
Ransomware is not a new attack vector. In fact, the first malware of its kind appeared more than 30 years ago and was distributed via 5.25-inch floppy disks. To pay the ransom, the victim had to mail money to a P.O. Box in Panama.
When Heraclitus wrote in the 6th Century that the only constant is change, he had no way of knowing just how apt his words would prove for contemporary enterprises. Consider, for instance, the effect that the Great Resignation has had on enterprises. In 2021 alone, almost 4 million workers quit their jobs per month – the highest yearly average record of all time for employee turnover.
Agentless bot management provider ranked among top players in Analyst Report Manchester, 12th April, 2022 – Netacea, the bot detection and mitigation specialist, today announced it has received the highest score in the Bot Detection criterion in The Forrester Wave™: Bot Management, Q2 2022 report.
