Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

A guide to HTTP security headers for better web browser security

As a website owner or web developer you can control which HTTP-headers your web server should send. The purpose of this article is to shine some light on the different response HTTP-headers that a web server can include in a request, and what impact they have on security for the web browser.

Why Security Is Needed to Keep the CI/CD Pipeline Flowing Smoothly

Technology has advanced to a state where clients now expect a constant stream of updates for their software and applications. To fulfill this demand, developers commonly turn to what’s known as a CI/CD pipeline. As noted by Synopsys, this practice embraces two important software development concepts of today’s streamlined world.

State Security Breach Notification Laws

A security breach is defined as any unauthorized access or acquisition that compromises the security, confidentiality, integrity or availability of covered information, systems, and applications. Recent years have seen significant amounts of legislative activity related to state data breach notification laws. South Dakota and Alabama enacted new data breach notification laws in 2019, becoming the last of 50 U.S. states to enact such laws.

Dark Web Recruitment of Employees Puts Organizations at Risk

The idea of your employees being solicited on the Dark Web isn’t a hypothetical; it’s real, it’s tempting, and it’s lucrative. We’ve written previously about the dangers of the Dark Web and why you need to be paying attention as an employer. One of the realities of the dark web is the issue of recruitment.

6 Steps to Performing a Cybersecurity Risk Assesment

If you ever purchased a “one-size-fits-all” item of clothing, you know that it’s never really going to fit everyone. Some people are too shirt and others too tall. Most cybersecurity standards and regulatory requirements recognize the same limitations apply to cybersecurity. Multinational corporations have different needs when compared to small and mid-sized organizations.

SIEM: What Is It, and Why Does Your Business Need It?

Security information and event management (SIEM) technology is transforming the way IT teams identify cyber threats, collect and analyze threat data and respond to security incidents. But what does that all mean? To better understand SIEM, let's take a look at SIEM technology, how it works and its benefits.

State of Modern Applications & DevSecOps in the Cloud - 2018

Sumo Logic's report with data-driven insights, best practices, and year-over-year trends - all by analyzing technology adoption among enterprises who run massive applications on AWS, Azure, and GCP. The report also provides additional visibility into the DevSecOps tools and methodologies used within cloud-first organizations as they “lift and shift” or modernize and migrate existing applications to cloud environments.

Cybersecurity Documentation: The Best Defense Is a Good Offense

Most people do not regard their cybersecurity and privacy documentation as a proactive security measure. On the contrary, many oftentimes view documentation as a passive effort that offers little protection to a company, generally an afterthought that must be addressed to appease compliance efforts.