Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Trustwave

CMMC 2.0: A New Era of Cybersecurity for the Defense Industrial Base

Sep 3, 2024 By Trustwave In Trustwave
The Cybersecurity Maturity Model Certification (CMMC) framework is undergoing a significant transformation with the introduction of CMMC 2.0. This revamped approach aims to streamline compliance, reduce costs, and enhance the overall security posture of the defense industrial base (DIB). CMMC is a framework developed by the U.S. Department of Defense (DoD) to assess and certify the cybersecurity posture of its contractors and subcontractors.
Read Post
splunk

The Final Shell: Introducing ShellSweepX

Sep 3, 2024 By Michael Haag In Splunk
Over the last year, we have continued to witness web shells breaching organizations worldwide, affecting both edge devices and on-premise web applications. Web shells consistently evade standard controls, posing a persistent threat. Today, the Splunk Threat Research Team is excited to announce the final tool in the ShellSweep collection: ShellSweepX.
Read Post
splunk

Splunk SOAR Has Attained FedRAMP Moderate Authorization

Sep 3, 2024 By Bill Rowan In Splunk
Splunk is proud to announce that Splunk SOAR has received Federal Risk and Authorization Management Program (FedRAMP) Agency Authorization at the Moderate impact level. Splunk SOAR is ready to help public sector teams work smarter by automating repetitive tasks, responding to security incidents in seconds, and increasing analyst productivity and accuracy to better protect their organizations and the missions they serve.
Read Post

Random but Memorable - Episode 13.4: Creating Cybersecurity Program Pie with Alan Watkins

Sep 3, 2024 By 1Password In 1Password
Why should we stop using work laptops for personal use? Is your car sneakily selling your driving data? We answer all that and more in Watchtower Weekly. We also invite special guest, Alan Watkins, to the show to walk through his book: Creating a Small Business Cybersecurity Program. Tune in, as Alan serves up a non-technical guide for small business owners to get started with security and putting privacy at the heart of their business.
View Video
knowbe4

Major Scam Operation Uses Deepfake Videos

Sep 3, 2024 By Stu Sjouwerman In KnowBe4
Researchers at Palo Alto Networks’ Unit 42 are tracking dozens of scam campaigns that are using deepfake videos to impersonate CEOs, news anchors, and high-profile government officials. Unit 42 believes a single threat actor is behind the scheme. The researchers discovered hundreds of domains used to spread these campaigns, each of which has been visited an average of 114,000 times. The goal of the operation is to spread investment scams and fake government-sponsored giveaways.
Read Post
teleport

Securing Infrastructure in Healthcare: Reducing Breaches and Building Resiliency

Sep 3, 2024 By Jack Pitts In Teleport
Telehealth and remote patient monitoring solutions enable healthcare providers to deliver care beyond traditional clinical settings. However, developing and deploying these digital healthcare solutions involves navigating complex challenges, particularly regarding data privacy and regulatory compliance. Ensuring adherence to HIPAA regulations while securely managing remote infrastructure adds layers of complexity for healthcare IT, security, and engineering teams.
Read Post
wallarm

API Attack Surface: How to secure it and why it matters

Sep 3, 2024 By Wallarm In Wallarm
Managing an organization’s attack surface is a complex problem involving asset discovery, vulnerability analysis, and continuous monitoring. There are multiple well-defined solutions to secure the attack surface, such as extended detection and response (EDR or XDR), security information & event management (SIEM), and security orchestration, automation & response (SOAR); despite that, these tools often do not prioritize APIs.
Read Post

HIPAA Compliance Mistakes To Avoid

Sep 3, 2024 By VISTA InfoSec In VISTA InfoSec
Avoiding HIPAA compliance mistakes is crucial to safeguarding patient data and avoiding hefty fines. Common errors like improper data storage and insufficient employee training can put your practice at risk. Stay compliant by knowing the pitfalls and implementing best practices to protect sensitive information.
View Video

Detect Secrets In Microsoft Teams With GitGuardian

Sep 3, 2024 By GitGuardian In GitGuardian
GitGuardian can now help you find and remediate secrets exposed in your Microsoft Teams channels. We have extended the real-time detection capability of our secrets detection platform to include the popular communications tooling to help teams better fight secrets sprawl throughout their organizations Once integrated, whenever a plaintext credential is accidentally posted to Teams messages, GitGuardian will create an alert and the incident will appear in your GitGuardian dashboard, allowing you to remediate it like any other leaked secret.
View Video
Snyk

3 ways AppSec modernization is a game-changer for financial services

Sep 3, 2024 By Katie DeMatteis In Snyk
Today’s established financial services companies face high pressure from their competition. Many of them find that they must provide an innovative, customized customer experience (CX) or lose out to FinTech disruptors who are already doing CX well. As a result, these businesses are prioritizing innovative, feature-rich applications and adopting the latest and greatest in software development to speed up release cycles and increase productivity.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.