Last month, we hosted a webinar with our CISO, Karim Beldjilali, who was formerly the CISO of Rightway a healthcare startup. Karim shared important security lessons for healthcare organizations leveraging cloud applications across their workforce. We briefly share the highlights below.
Welcome to our first ever The State of Secrets Security in SaaS Apps, an in-depth look at what security risks are posed by the data stored in organizations' SaaS applications. As companies have adopted a remote-first approach to work, these solutions have increasingly been used to send and store passwords, secrets, and API keys.
Organizations are unaware of the prevalence of API keys and secrets throughout their systems, and how their users are sharing and using them. Even with security best practices and policies in place, the lack of awareness or compliance, as well as the possibility of human error means that API keys and secrets need protection regardless of where they are stored or shared.
Last month, over the holidays, we witnessed multiple vendors experience security breaches of varying levels of severity. From LastPass and Okta to Slack and CircleCI, the news has been filled with headlines reporting on the aftermath of these incidents. We wanted to briefly cover these stories and discuss their implications for you in the current year.
Compromised secrets and credentials are the most common cause of data breaches and are often left unmanaged. In the past year alone, we’ve seen sustained growth in supply chain attacks and security incidents impacting the security of secrets stored in code repos or unknowingly shared within SaaS applications. Because of this, there is a compelling need for reliable, accurate, and actionable secrets detection for modern organizations.
In this latest blog post we are going to show you how to best set up Nightfall to discover and protect HIPAA data stored across your organization, maintaining patient privacy and helping avoid regulator fines.
With Nightfall’s enhanced PHI detection capabilities, which are based on an advanced combination of logic and context, it is very easy to identify specific instances of PHI unique to organizations. What’s even better is that all of this can be automated and tie seamlessly into existing customer workflows.
