Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

CASB vs Cloud SIEM for SaaS Security

Today’s businesses spend more money on SaaS tools than on laptops. On average, today’s employees use a minimum of eight different SaaS tools. The security implications of this robust cloud landscape cannot be neglected and we trust you are fully aware of it already. As an IT leader, you are responsible for keeping your company’s cloud infrastructure secure, but with the multitude of cloud apps businesses use on a daily basis, you have less and less control of that security landscape.

What is Role-Based Access Control (RBAC)? Examples, Benefits, and More

Role-based access control (RBAC), also known as role-based security, is an access control method that assigns permissions to end-users based on their role within your organization. RBAC provides fine-grained control, offering a simple, manageable approach to access management that is less error-prone than individually assigning permissions. This can reduce cybersecurity risk, protect sensitive data, and ensures that employees can only access information and perform actions they need to do their jobs.

The Expert's Guide on Tackling the Cybersecurity Skills Gap

The skills gap is weighing heavily on the minds of digital security team members. In a survey of 342 security professionals, Tripwire found that 83% of infosec personnel felt more overworked in 2020 than they did a year earlier. An even greater percentage (85%) stated that it had become more difficult for their organizations to hire skilled security professionals since then.

MITRE Releases an Update to The Common Weakness Enumeration (CWE)

MITRE has been doing exceptional work in advancing cybersecurity as a public good, and it is an excellent resource for security professionals. Possibly best known for their ATT&CK Framework, a rich source of adversarial tactics and techniques and their mitigations, MITRE is also known for another resource: the Common Weakness Enumeration (CWE). The CWE is a community initiative sponsored by the Cybersecurity and Infrastructure Security Agency (CISA).

Capitalize on Analyst Intuition for More Effective Cybersecurity

You’ve probably heard by now that we face a severe shortage of cybersecurity professionals with the skills and experience necessary to effectively defend against today’s—and tomorrow’s—threats. Cybersecurity Ventures estimates there will be 3.5 million unfilled jobs globally by 2021. Fortunately, there are key areas of the SOC workflow that can be automated to take advantage of security analyst intuition and act as a force multiplier.

Deploying Applications to a Kubernetes Cluster to Which You Don't Have Access

For the impatient, in this blog post, we’ll look into the problem of preparing a Kubernetes application to be deployed into a large number of Kubernetes clusters, even if you, the developer, do not have direct access to them all. The tutorial parts of this post will utilize Gravity 7.0, which you can download here. This version is in beta at the time of publication, so be sure to select pre-releases in the dropdown on the download page to access it.