I was going through a row of photography books in an antique store when I got a call from Bucky Moore, our lead investor and a board member. “Let me know if you need anything from me. This is getting serious,” he said. He seemed concerned. It was Sunday, March 22nd, right after the shelter in place order went in effect here in California. The next day, COVID-19 was no longer just in the news, it was everywhere.
In this article, we explain how dangerous an unrestricted view name manipulation in Spring Framework could be. Before doing so, lets look at the simplest Spring application that uses Thymeleaf as a templating engine.
In light of the current pandemic, most organizations will be working remotely for the foreseeable future. But the increase in virtual operations has led to a higher volume of cyberattacks. Now, more than ever, it’s vital that your organization is armed with the industry’s best application security (AppSec) solutions. But how do you build and secure technology in an uncertain world? It’s a balancing act between risk, trust, and opportunity.
The IDC MarketScape for Mobile Threat Management Software just named Lookout a leader for the third consecutive year. Everyone at Lookout works hard to make sure we provide the best mobile security for our customers, so it’s incredibly satisfying to have the MarketScape recognize our capabilities and strategies. We’re honored for the recognition of our capabilities for the third consecutive year.
Recently, both Apple and Google released new updates for iPhone and Android devices. One feature that was added was “Covid-19 Exposure Logging.” The feature is off (for now), and according to the text that accompanies the app, when turned on, it is set to communicate via Bluetooth to other devices.
Data classification is a vital component of any information security and compliance program, especially if your organization stores large volumes of data. It provides a solid foundation for your data security strategy by helping you understand where you store sensitive and regulated data, both on premises and in the cloud. Moreover, data classification improves user productivity and decision-making, and reduces storage and maintenance costs by enabling you to eliminate unneeded data.
The old security model, which followed the “trust but verify” method, is broken. That model granted excessive implicit trust that attackers abused, putting the organization at risk from malicious internal actors and allowing unauthorized outsiders wide-reaching access once inside. The new model, Zero Trust networking, presents an approach where the default posture is to deny access.
We’ve all been subjected to quaint media features that try to make business leaders seem like a joyful walk on the beach. They usually have a title like, “A Day in the Life of the CIO,” and they are laden with tropes that try to make the person relatable (“…and at 9:34 am, I finally get around to drinking that latte I got at Starbucks on the way into work!”), but truly the whole thing is just an annoying ploy to make you feel inadequate.
In the world of cybersecurity preparedness, there are a variety of strategies organizations large and small can take to help protect their networks and data from cyber-attacks. One such strategy involves an organization testing its own environment for security vulnerabilities. But because security weaknesses come in different forms, it’s necessary to have a focused security team that comprehensively searches for vulnerabilities that go beyond simple risk assessments.
