Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

A security overview of Content Management Systems

Any developer would probably agree Content Management Systems (CMS) make it easier for web development teams and marketing to work together. However CMS assets like blog.company.com are also web application based and could be targets of hacker attacks. Why’s that? Simply because they are based on commonly used technologies, communicate with end users, bring in organic or paid reader traffic and build brand awareness.

The Ransomware Remedy

As ransomware attacks become more sophisticated, they pose an ever-increasing threat to data-driven systems. Much like an infectious disease, malware wreaks the most havoc once it spreads; so the best way for hackers to get the most bang for their buck is by targeting vulnerable businesses. When an encrypted file from one account syncs to the cloud and to other devices, productivity grinds to a halt.

Devo Technology Accelerates Investment in Cybersecurity with New Business Unit, Major Hires

Cambridge, MA, December 4, 2018 – Devo Technology, the data operations company, is building on its success delivering cybersecurity solutions to Fortune 2000 companies with the addition of three security executives to its employee roster. The company today announced the appointment of Julian Waits as General Manager of the Devo Security Business Unit. Joining Waits are Matt Mosley, Vice President of Products, Cybersecurity and Fred Wilmot, VP of Security Engineering.

Detectify for managers

Detectify is a web application and domain security tool that gives you an overview of your security status and integrates into the development cycle to increase productivity. WIth a wide range of CICD integrations, Detectify makes it easy to assign remediation tasks to the right team, share security information throughout the organization, and aggregate data for effortless reporting.

What Type of Vulnerabilities Does a Penetration Test Look For?

Penetration testing is becoming increasingly popular as organizations are beginning to embrace the need for stronger cybersecurity. But there are still too many businesses that don’t fully understand the benefits of regular security testing. Pen testing is vital for any kind of organization with an IT system or website. A recent survey of penetration testers revealed that 88 percent of those questioned said they could infiltrate organizations and steal data within 12 hours.

How Mature Is Your Insider Threat Program

The Veriato Insider Threat Program Maturity Model report was created to help security professionals assess their ability to monitor, detect, and respond to insider threats. Join Insider Threat expert, Jim Henderson from Insider Threat Defense, Nick Cavalancia from Techvangelism and Cyber Security Expert, Patrick Knight as they discuss numerous results from the Insider Threat Maturity Report.

How to Create Incident Response Plan Steps for Data Breaches

An estimated 34 percent of companies have experienced data breaches in the last 12 months. With those odds, every organization should be prioritizing cyber security and cyber attack management. Take the time now to put together a data breach incident response plan utilizing these steps, so if your organization is affected, you’ll be able to respond as quickly and effectively as possible. Here are some key steps the plan you create should include.

Abuse MITM possible regardless of HTTPS

Almost ten years ago Firesheep made the news. Security people had known for years the danger of public WiFi-networks, but it was not until someone made a user-friendly Firefox extension out of the idea until it really got people’s attention. Since then a lot has happened to the web, so would something like that still be possible?

Detectify security updates for 29 November

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.