Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

How To Embrace Employee Monitoring Without Compromising Culture

The modern workforce looks a lot different than it did even a decade ago. If employees actually go to a physical office, their workplaces are often defined by open concepts, collaboration and frequent communication. None of this is by accident. Studies consistently show that happy employees are more productive employees, and autonomy and access are two factors that can make employees happy.

Student Data Privacy Laws by State

Most educators know about the federal student data privacy laws such as the Family Educational Rights and Privacy Act (FERPA) administered by the US Department of Education. However, modern schools increasingly adopt new technologies such as cloud service providers for managing everything from homework assignments in Google Drive to education data in records management data systems.

Cybersecurity Hygiene: Not a Dirty Little Secret for Long

In October 2018, FICO (a consumer credit scoring specialist) began scoring the cybersecurity of companies based upon a scan of internet facing vulnerabilities. FICO grades companies using the same scoring that is familiar with consumer credit. These metrics are then used to compare security risks against competitors. This announcement has the potential to be a sea change event in cybersecurity.

How to Initiate a Threat Hunting Program (Part 2)?

In the previous steps, analysts have gathered enough data to answer their hypothesis. Two types of situations can occur. Either the real threat is found or the vulnerability is detected. In both cases, analysts action is necessary. The analysts must respond immediately when a real threat is identified. However, if there is any vulnerability, they should also resolve this before it becomes a really big nightmare.

Detectify security updates for 7 March

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

Better together with Sysdig and Anchore: Comprehensive container security across the software development lifecycle

In the new cloud-native world, ephemeral services like containers make security a challenging task. As enterprises start adopting containers in production, they suffer from a great deal of variance in the software, configuration, and other static artifacts that exist across their organization’s container image set.

Kubernetes Security-Are your Container Doors Open?

Container adoption in IT industry is on a dramatic growth. The surge in container adoption is the driving force behind the eagerness to get on board with the most popular orchestration platform around, organizations are jumping on the Kubernetes bandwagon to orchestrate and gauge their container workloads.