Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Organizations can reap huge rewards by switching to a DevOps software development model. Some enterprises don’t know how to make the change. Recognizing that fact, I’ve spent the past few weeks discussing the benefits of a DevOps model, outlining how organizations can plan their transition, identifying common problems that companies commonly encounter and enumerating steps for a successful conversion. Of course, organizations aren’t finished once they’ve fully embraced DevOps.

A key to having a good information security program within your organization is having a good vulnerability management program. Most, if not all, regulatory policies and information security frameworks advise having a strong vulnerability management program as one of the first things an organization should do when building their information security program. The Center for Internet Security specifically lists it as number three in the Top 20 CIS Controls.

DALLAS, July 10, 2018 — AT&T today announced its plans to acquire AlienVault®, a privately held company based in San Mateo, Calif. The agreement has been approved by both companies. The acquisition of AlienVault will enable AT&T to expand its enterprise-grade security solutions portfolio and offerings to millions of small and medium-sized businesses.

Ransomware is a relatively new form of malware that poses significant threats to computer networks, even those with effective security systems. It masquerades as legitimate software and uses encryption protocols, like those designed to protect personal information, to lock down files and hold data for ransom. In addition to the increased frequency of attacks, hackers are continuing to grow more sophisticated, targeting high profile businesses that can afford to pay higher ransoms.

One of the challenges of building and running information technology systems is solving novel problems. That's where frameworks like scrum and agile come in– getting from the unknown to the known with a minimum of frustration and waste. Another challenge is performing known tasks correctly every single time. Here runbooks, checklists, and documentation are your friend.

To create a secure digital profile, organizations need digital integrity. This principle encapsulates two things. First, it upholds the integrity of files that store operating system and application binaries, configuration data, logs and other crucial information. Second, it protects system integrity to make sure applications, endpoints and networks perform their intended functions without degradation or impairment.

Last year we exhibited at a major information security trade show in London, during the preparation for this we received our exhibitor passes as “print yourself” PDF files. We immediately noticed that there are two forms of barcode here and, interestingly, the QR Code seems quite dense given that all it should be storing is a delegate ID number. Being the inquisitive sort of people that we are, we started up a QR scanner and had a look at its contents.