Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

A primer on homomorphic encryption

For any company in the IT industry, it is virtually impossible to function unless a lot of personally identifiable information and confidential data flows through servers across deployments every single day. While working with this kind of data, companies need to be watchful about the state of its encryption. This information needs to be encrypted both when it is stored (data at rest) and when it is transmitted (data in transit).

What is CTEM?

Coined by Gartner in 2022, continuous threat exposure management, or CTEM is a structured framework for continuously assessing, prioritizing, validating, and remediating vulnerabilities across an organization’s attack surface, enabling you to respond effectively to the most pressing threats over an ever-expanding attack surface. Reactive security is a temporary fix, not a sustainable solution.

What is a Secure Socket Layer (SSL)? How does it ensure safe connection?

Imagine all your online activity being put out in the open—as private as a billboard in Times Square. Before SSL, your private internet information was vulnerable to exposure. However, with the advent of SSL, encryption became part of how the data was transferred between web browsers and servers, ensuring privacy and security. SSL transforms regular HTTP into the more secure HTTPS, safeguarding your online activities.

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform. With Sweet, customers can now unify detection and response for applications, workloads, and cloud infrastructure.

A SenseOn Advisory: PAN-OS zero-day vulnerabilities CVE-2024-9474 & CVE-2024-0012

On the 18th of November 2024, Palo Alto published advisories disclosing two vulnerabilities affecting the Web Management Interface in PAN-OS. The most critical of these vulnerabilities is CVE-2024-0012 with a severity rating of 9.3. Exploitation of this vulnerability allows a remote, unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges.

Everything You Need to Know About Shadow IT

Shadow IT refers to the use of information technology systems, devices, software, applications, and services without explicit approval from an organisation's IT department. While it sounds sinister, and has certain implications, it is not always done maliciously or with the intent of breaching security. It encompasses a wide range of digital activities where employees leverage unapproved tools to be more productive or achieve specific goals.

Tines named launch partner for Wiz Defend

We’re excited to announce our status as a launch partner for Wiz Defend. The new solution from Wiz draws upon the power of Wiz Integration Network (WIN) partners to better detect and respond to cloud threats in real time. We were selected as a launch partner due to our leading workflow orchestration and automation capabilities, which seamlessly connect with Wiz Defend to empower customers and their SOC/Incident Response teams.

Sysdig and Cribl: Unleash the true power of cloud security data

Cloud security operates on a different paradigm compared to traditional IT security. For example, it involves multiple contextual layers such as cloud services, containers and Kubernetes that require specialized insights. The challenge is even harder when the organization is affected by compliance requirements, and is compounded by the sheer volume of data that becomes a major concern for any organization. Failing to effectively manage it leads to costly inefficiencies and risks.

DevSecOps Tools for Cybersecurity Success

With DevSecOps, cybersecurity has become integrated into every phase of the software development lifecycle (SDLC). DevSecOps tools work across development, security, and operations siloes and enable these teams to work collaboratively, ensuring security vulnerabilities are addressed early and efficiently, reducing risks before they reach production.