Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Innovation in clinical genomics starts with DLP for Boston Lighthouse

Boston Lighthouse Innovations is a start-up that offers a clinical genomics solution suite with processing and reporting workflows for patient diagnostics. The nine-person team grew out of Massachusetts General Hospital’s molecular pathology department, which uses genetic data to diagnose cancer.

BSIMM11: Tracking the cutting edge of software security initiatives

The Building Security In Maturity Model (BSIMM)—the annual report on the evolution of software security initiatives (SSIs)—is gaining some maturity itself. The latest report, which went public this week, is the 11th iteration. Some things haven’t changed. The fundamental goal remains what it was at the start, more than a decade ago.

When It Comes to Security of the Platform, We Mean Business. Here's How.

At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.

Preparing for Zero Trust and planning your strategy

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.

Webinar | Industry Best Practices for SSH Access | Teleport | How To

We've all used SSH dozens of times, but do we really understand how to SSH properly? Using such a powerful tool can come with a lot of risks, especially when we're on highly distributed teams with well-trodden workflows that can be tough to change. In an era of sophisticated phishing attacks and threats always knocking at our doors, we could all use a little help with making sure our infrastructure is as secure as it can be.

The Migration From PA-DSS to SSF: Everything You Need to Know

Technology is constantly changing and advancing. Payment platforms are no exception. As these new platforms emerge, the software supporting the platform must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised. The PCI Software Security Framework (SSF) sets standards and requirements for both traditional and modern payment software.

43% of Orgs Think DevOps Integration Is Critical to AppSec Success

It’s no secret that the rapid speed of modern software development means an increased likelihood of risky flaws and vulnerabilities in your code. Developers are working fast to hit tight deadlines and create innovative applications, but without the right security solutions integrated into your processes, it’s easy to hit security roadblocks or let flaws slip through the cracks.

Using the Cost of a Data Breach to Maximize Your ROI on Your Security Tools

The 2020 Cost of Data Breach report from IBM and the Ponemon is out. It provides a detailed analysis of causes, costs and controls that appeared in their sampling of data breaches. The report is full of data, and the website allows you to interact with its information so that you can do your own analysis and/or dig into aspects relevant to you and your industry.

Joint Cybersecurity Advisory on Threat Hunting and Incident Response Released

A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations.

Why Your Org Needs DLP for Slack: Promoting Everyday Cybersecurity

Managing the demands of a distributed workforce — especially across multiple time zones and countries — is difficult in the best of times. Now, in the time of the Coronavirus, security leaders are being asked to manage new productivity tools at unprecedented speeds while keeping data security top of mind. As more companies add Slack to their communications and productivity stacks, security policies are being tested in new ways.