Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

API Security: The Non-Negotiable for Modern Transportation

The transportation sector is undergoing a digital revolution, from railways to aviation and trucking. APIs are at the heart of this transformation, particularly for airlines. Airlines utilize APIs to integrate internal systems with vital services such as booking platforms, check-in services, real-time flight updates, communication with customs agencies, and baggage handling.

SecurePortal 2.10 - Introducing Threat Intelligence

At Pentest People, we understand that threats extend beyond your infrastructure to global events and industry-specific challenges that can impact your organisation. That's why we're excited to unveil our new Threat Intelligence Dashboard, a powerful tool that provides in-depth insights into global threats relevant to your industry and sector. Enhance your situational awareness and empower your team with actionable intelligence tailored to your specific needs.

Adding runtime threat detection to Google Kubernetes Engine with Falco

One of the big advantages of running your workloads on a managed Kubernetes service like Google Kubernetes Engine (GKE) is that Google ensures your clusters are being deployed and managed following industry best practices. While GKE clusters are incredibly secure and reliable, there is always room for improvement. In this blog, we’re going to describe how you can enhance GKE’s already great security by adding runtime threat detection with Falco.

Strength in Numbers - Your Intelligence Sharing Advantage with ThreatQ

Threat intelligence sharing has become a strategic imperative for organizations that are looking for a force multiplier to help them better understand and defend against the rapidly evolving threat landscape. In fact, from the White House to CISA to government agencies around the world, there’s a global focus at the highest levels on breaking down barriers and modernizing approaches to cyber threat data sharing.

Okta vulnerability explained (bcrypt auth bypass)

Okta Bcrypt Authentication Bypass Explained Last week, on October 30th, Okta released an interesting security advisory detailing a vulnerability that could potentially lead to an authentication bypass. According to Okta, the vulnerability was discovered during an internal review and was promptly addressed. Okta was transparent about the issue, sharing the details publicly.

Securing Snowflake PII: Best Practices for Data Protection

As organizations increasingly rely on cloud data platforms, securing PII (Personally Identifiable Information) has become more critical than ever. Snowflake, a robust cloud-based data warehouse, stores and processes vast amounts of sensitive information. With the rise in data breaches and stringent regulations like GDPR and CCPA, safeguarding PII data in Snowflake is essential to ensure data privacy and compliance.

Powering Global Post-Production Workflows for Media and Entertainment

Imagine working on a blockbuster movie where the post-production team is spread across the globe with some working from Hollywood, others in London, and even more in Mumbai. Each of these teams relies on high-speed, secure network connectivity to ensure that massive media files move swiftly from one location to another, enabling real-time collaboration without missing a beat. That’s the reality for many modern studios.

CyberArk Extends Partnership with Microsoft to Simplify Entra ID Authentication

It’s finally here! Microsoft’s new external authentication methods (EAM) is now available in public preview, set to replace custom controls. For the past couple of months, we’ve been working closely with the Microsoft Entra ID team to bring you this highly anticipated security enhancement. External authentication methods integration with CyberArk delivers enhanced security while simplifying user experiences.

CMMC Mobile Security: A Guide to Compliance for Enterprise Organizations

Just about every organization works with some amount of sensitive information, but the defense industry’s information is more sensitive than most. That’s why the United States Department of Defense (DoD) created the Cybersecurity Maturity Model Certification (CMMC). This cybersecurity model helps protect controlled data in the defense industry — and, by extension, the military personnel who rely on that data to stay productive and safe.

How to Apply the NIST Framework to Your Mobile Security Strategy

If mobile devices aren’t a high priority in your security posture, they should be. About two-thirds of employers consider smartphones “critical to agility and speed of decision-making,” and some would even consider phasing out PCs entirely. As a starting point, consider using the National Institute of Standards and Technology (NIST) cybersecurity framework. This set of guidelines from the U.S.