Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Scaling up Security with DevOps and CI/CD practices

Some believe that “whatever can be automated, should be automated” and in general benefits include faster production, consistency in product and quality, rolling back from failures and all allowing employees to focus on more creative and analytical tasks. The same can be said for the automation of quality assurance and security of developer coding and programming.

Information on open source vulnerabilities is as distributed as the community

Nothing gets the AppSec / InfoSec community abuzz quite like a good old 0-day vulnerability. I mean, what’s not to love here? These vulnerabilities involve the thrill of adversaries knowing something we don’t, giving them a path to sail through our defenses to break into that sweet data inside. They are the James Bond of the security space — suave, sexy, and deadly.

Vulnerability Management Metrics: The Final Frontier

In Part 1 of this series, we looked at some of the metrics that an executive team would want to see to identify how the business risk is trending. It is very important to keep in mind that if the business does not see the information security program as effective and efficient, they will not continue to invest in information security projects. In this part, we will look at the operational level reports that can assist in focusing efforts to reduce the risk to the business.

Logging in a DevOps environment: what you should know

DevOps is the new normal, and cloud here is to stay – sound familiar? When you combine the two and distill the technology at the core, what you end up with is the realization of the importance of logs and log management. This is because logs at multiple levels help DevOps teams understand their application and even allow them to detect and address application issues before being promoted into production.

Veriato impacts UK police force

Veriato, the leader in the user activity monitoring and analysis market, today reported that their inaugural Police User Group was a resounding success seeing Police staff attend from all over the UK. The event hosted in London demonstrated Veriato's ongoing commitment in providing an essential active monitoring solution used by Professional Standards and Anti-Corruption units across 75% of UK Police forces.

If the Data Breach Doesn't Kill Your Business, the Fine Might

When you hear about a data breach in the news, it’s usually related to a major company or social media network that has been targeted. The erroneous conclusion would be that the hackers only focus on exploiting security flaws in large organizations, but the opposite is true.

Hackers aren't confined to cyberspace anymore

Like many things in life, hackers are victims (and I use the word loosely) of stereotyping. You won’t find much stock imagery depicting hackers that doesn’t involve a hoodie, a dimly-lit room and several monitors full of scrolling binary text. And whilst that’s definitely sometimes true, it also makes several assumptions about hackers in general, which is at best misleading and at worst leaves you wide open to attack.