Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Shielding the Foundation: Security Across Your SSC

Nov 3, 2023 By JFrog In JFrog
Developers are now the target of the attacker, with binaries available publicly. While it's unlikely that the concept of security point solutions will completely disappear, it’s clear that the market is demanding a consolidated, comprehensive approach to pipeline security across the attack surface. With the increasing complexity of software supply chains, security and governance are becoming critical on developer’s machines, at the C-level and in boardrooms. In this session, Eyal Dyment, VP of Security Product for JFrog, details how next-gen software supply chain solutions must incorporate robust, holistic security or risk being the next tool to be consolidated.
View Video
nucleus

NYDFS Regulatory Changes: Vulnerability Management and Risk Assessment

Nov 3, 2023 By Scott Kuffer In Nucleus
The financial sector is constantly adapting to emerging threats and regulatory changes. The New York Department of Financial Services (NYDFS) is at the forefront of cybersecurity regulation, ensuring that covered entities within the state maintain robust cybersecurity programs. In this blog post, we’ll dive into the recent changes to NYDFS regulations, specifically focusing on vulnerability management and an updated definition of risk assessment.
Read Post
trustcloud

TrustCloud Becomes HITRUST Readiness Licensee, to Make HITRUST Accessible and Affordable for Healthcare Technology Companies

Nov 2, 2023 By TrustCloud In TrustCloud
TrustCloud's common control framework, programmatic policy mapping and evidence collection and an evidence-viewing portal make readiness and assessment more efficient for both auditors and companies pursuing HITRUST.
Read Post
securitysenses

The Importance of SSL Certificate for an E-Commerce Website in 2024

Nov 2, 2023 By SecuritySenses In SecuritySenses
With the advent of technological advancement and everyday upgrades, safety measures and security updates have become more than important. Imagine holding a savings account in a bank that explicitly declines to keep your money safe. Or sending sensitive information over a platform that has no end-to-end encryption. Or renting a property that has no lock. Sounds unsafe, right?
Read Post
Sponsored Post
eventsentry

EventSentry v5.1: Anomaly Detection / Permission Inventory / Training Courses & More!

Nov 2, 2023 By ingmar.koecher In EventSentry

We’re extremely excited to announce the availability of the EventSentry v5.1, which will detect threats and suspicious behavior more effectively – while also providing users with additional reports and dashboards for CMMC and TISAX compliance. The usability of EventSentry was also improved across the board, making it easier to use, manage and maintain EventSentry on a day-by-day basis. We also released 60+ training videos to help you get started and take EventSentry to the next level.

Read Post
sumologic

Enhance your cloud security with MITRE ATT&CK and Sumo Logic Cloud SIEM

Nov 2, 2023 By Alec Kostiner In Sumo Logic
As cloud applications and services gain prominence amongst organizations, adversaries are evolving their toolset to target these cloud networks. The surge in remote work and teleconferencing presents unprecedented opportunities for nefarious activities. Enter the MITRE ATT&CK Framework, also known as a MITRE ATT&CK Matrix—a treasure trove for defending cloud infrastructure and on-premises infrastructure against the newest adversary tactics, techniques, and procedures (TTPs).
Read Post
sumologic

Okta evolving situation: Am I impacted?

Nov 2, 2023 By George Gerchow In Sumo Logic
Cybersecurity is never boring. In recent months, we’ve seen major cyberattacks on Las Vegas casinos and expanded SEC cybersecurity disclosure rules are top of mind. Is it any wonder we consistently recommend taking a proactive approach to secure your environment with a defense-in-depth strategy and appropriate monitoring? News outlets reported the recent compromise at the Identity and Authentication (IAM) firm, Okta.
Read Post
Trustwave

Continuing the Conversation on Cybersecurity as a Business Risk

Nov 2, 2023 By Barry O'Connell In Trustwave

Board members often lack technical expertise and may not fully understand the risks associated with cybersecurity. On the other hand, CISOs are more familiar with IT staff and the technical aspects of cybersecurity. This is understandable, as the board is responsible for making high-level decisions and does not typically get involved in the details of implementation and technical audits.

Read Post
knowbe4

Investigate User-Reported Emails with Ease Through the Powerful Combination of CrowdStrike Falcon Sandbox and KnowBe4 PhishER Plus

Nov 2, 2023 By Stu Sjouwerman In KnowBe4

The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.