Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

GCP OAuth Token Hijacking in Google Cloud-Part 2

Imagine you’ve protected your production Google Cloud environment from compromised credentials, using MFA and a hardware security key. However, you find that your GCP environment has been breached through the hijacking of OAuth session tokens cached by gcloud access. Tokens were exfiltrated and used to invoke API calls from another host. The tokens were refreshed by the attacker and did not require MFA. Detecting the breach via Stackdriver was confusing, slowing incident response.

IoT Devices in Different Industries and How to Secure Them

Today, data analytics, automation, connectivity, and remote monitoring have made great progress and have brought innovations in every sphere of modern civilization. The digitization in day-to-day human activities has been revolutionized by the Internet of Things (IoT). Based on Gartner’s Forecast database, we can expect that there will be approximately 14 billion devices connected to the internet by 2022. With more devices connected, it will change the way we do business and use resources.

Supply Chain Risk Management - What You Need to Know to Build a Successful SCRM Program

There is a story from years ago about a warehouse network of computers that was separated from the main network. Those machines were running older OSes. But since they weren’t connected to the company network, didn’t hold company data, and only ran the warehouse machines, they were deemed secure. One day, the sysadmin noticed that all of those computers had a glitch at the same time. He remotely rebooted and went back to his desk. But they all glitched again. What happened?

Staying safe in Slack: Blossom Bariatrics counts on Nightfall for HIPAA compliance

The bariatric surgery market is growing year over year in the United States, from 158,000 surgeries in 2011 to 252,000 surgeries in 2018. Over the last decade, weight loss surgery demand has increased, leading to a boom in the number of clinics offering these procedures. Blossom Bariatrics has become one of the premier bariatric surgery clinics in the Las Vegas area. They provide surgical treatment options for weight loss, plus hernia, gallbladder, and anti-reflux surgeries.

Reducing the Impact of False Positives on Your Resource Workload and Fraud Investigation Speeds

Payment fraud is exploding. So are false positives, customer friction and investigation costs. Unfortunately, as customers continue to pull us down the river of rapid digital transformation, traditional fraud detection systems are being left in the sand.

Sort, Filter, and Remap API Data in Python

Are you taking data from an API in the format the web services gives it to you? You should not dictate the structure of data inside your application based on how an API provider structures their data. Instead, you can take advantage of the power of Python's list manipulation techniques to sort, filter, and reorganize data in ways that best suit your needs.

Don't Let Security Go Up, Up and Away (in the Clouds), Start with Data

Security teams can’t defend what they can’t see. As organizations move more workloads to the cloud, security teams need added visibility into these new workloads or risk having blind spots that lead to compromise. In the first installment of our "Getting Data In" webinar series, "Modernizing your SOC for the Cloud Age Starts with Security Foundations," we demonstrate how to quickly and easily onboard data into Splunk Cloud.

How to Implement Effective Compliance Testing

Compliance testing, also known as conformance testing, is a periodic, independent, and objective assessment of compliance-related processes and/or controls. The goal of compliance testing is to determine whether the elements, processes, and controls of your compliance program are designed appropriately and operating as designed. Compliance testing follows an established process and plan as well as a risk-based approach.

2020: the year cybersecurity went from a technology problem to a business issue

In March when businesses enforced a work-from-home policy because of the pandemic, many probably thought the move would last a few weeks or so. Well, here we are, in the heat of the summer or depth of winter, depending on your hemisphere, and some businesses are still working remotely, while others have made the return to the office.