Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

How to Use a Risk-Based Vulnerability Management Model to Secure Mobile Dev

The typical workplace of the information age is no longer an office cubicle with a desktop PC. It’s an airplane seat, a comfy cafe chair, and a kitchen table — and it may not even have a company-issued device at its center. Research shows the productivity gains made possible by the growth of bring-your-own-device (BYOD) policies. Yet empowering employees to do their best work wherever they are and with whatever devices they have at their disposal also comes with risks.

Mobile Threat Defense: Safeguarding Your Data on the Go

Smart devices are everywhere — and one common cybersecurity myth is that security teams don’t need to worry about sensitive data stored on them. However, in a landscape where 75% of organizations have experienced phishing attacks against their employees, a robust security posture that includes coverage of your employees' personal tech is a must.

Cryptographic Hardware vs. Software Encryption: Which is Better Security Solution?

This is a common practice of enhancing information security where a specific piece of hardware built to perform such tasks is used to encrypt and decrypt data. While software encryption is platform-dependent and depends on the CPU and memory of the system on which it is installed, hardware encryption typically works in parallel with dedicated components such as HSMs, SEDs, or TPMs.

Understanding, detecting, and fixing buffer overflows: a critical software security threat

Buffer overflows are one of the oldest and most dangerous vulnerabilities in software security. A heap buffer overflow was the second most exploited vulnerability in 2023. Over the years, it has enabled countless attacks, often with severe consequences, such as Cloudbleed in 2017. Despite advances in security practices, buffer overflows continue to pose significant risks, especially in software written in low-level languages like C and C++.

Fireblocks Automation: Revolutionizing Digital Asset Operations

When we first announced our plans to build Fireblocks Automation in April 2024, we set out to tackle a seemingly mundane yet crucial challenge for our customers. Our goal was to mitigate the manual, repetitive, time-consuming, and error-prone blockchain payment and crypto trading operations that were hindering businesses from easily scaling their operations as they expanded across geographies and added new product offerings.

The NIS2 Directive is Here. What Happens Next?

The Network and Information Security (NIS2) Directive’s deadline of October 17th has officially passed. Yet despite this deadline – and the strict penalties in place for non-compliance – nearly 66% of businesses operating in Europe have likely not implemented the necessary compliance controls (Veeam Software). Additionally, the majority of EU member states have yet to officially codify NIS2 standards into their national laws.

Separating Hype from Reality in HRM

Human risk management (HRM) has become a more established category in recent years. This development signals a crucial shift towards enabling security teams to accurately quantify and manage workplace risks. With the rise of HRM, a variety of new technologies have also emerged on the market. However, how do you navigate the sea of buzzwords and shiny promises to pick the solution that's right for you?

Managed security service provider (MSSP): Everything you need to know

The security and compliance landscape is ever-evolving, meaning the demands organizations need to meet today can change rapidly. While most IT teams have defined processes to handle these requirements, they may not have the capacity to address all the tasks necessary to maintain the organization’s security posture. If your organization has encountered a similar situation before, appointing a managed security service provider (MSSP) can be a solution.

Sysdig 2024 Global Threat Report

We know that cloud attacks happen very quickly. Our 2024 global threat year-in-review, the third annual threat report from the Sysdig Threat Research Team (TRT), revisits the team’s hottest findings from the last 12 months and explores how they relate to the broader cyber threat landscape. This year’s report also includes informed predictions about 2025’s security outlook and potential trends.