Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Write Code That Protects Sensitive User Data

Sensitive data exposure is currently at number 3 in the OWASP Top 10 list of the most critical application security risks. In this blog post, we will describe common scenarios of incorrect sensitive data handling and suggest ways to protect sensitive data. We will illustrate our suggestions with code samples in C# that can be used in ASP.NET Core applications. OWASP lists passwords, credit card numbers, health records, personal information and business secrets as sensitive data.

Back to school? Secure your Chromebooks!

Here at Lookout, we spend a lot of time talking about how best to secure tablets and smartphones. That’s because they dominate our lives. But as some of our daily routines continue to stay virtual and our kids return to school, the importance of securing Chromebooks has become top of mind. Chromebooks have become an essential tool for schools that transitioned to distance learning in the spring.

Report: No Organization's Security Culture Has Received 'Excellent' Score

Security culture matters to executives, but these individuals are struggling to implement it. In a November 2019 study commissioned by KnowBe4, 94% of individuals with managerial duties or higher in security or risk management said that security culture was important for their organization’s success.

Innovation in clinical genomics starts with DLP for Boston Lighthouse

Boston Lighthouse Innovations is a start-up that offers a clinical genomics solution suite with processing and reporting workflows for patient diagnostics. The nine-person team grew out of Massachusetts General Hospital’s molecular pathology department, which uses genetic data to diagnose cancer.

BSIMM11: Tracking the cutting edge of software security initiatives

The Building Security In Maturity Model (BSIMM)—the annual report on the evolution of software security initiatives (SSIs)—is gaining some maturity itself. The latest report, which went public this week, is the 11th iteration. Some things haven’t changed. The fundamental goal remains what it was at the start, more than a decade ago.

When It Comes to Security of the Platform, We Mean Business. Here's How.

At Splunk, we understand that a secure platform is a trustworthy one. We strive to implement a protected foundation for our customers to turn data into action, and part of that effort is giving you more frequent insight into the security enhancements that we’ve made to the platform. In this blog series, we’ll share the latest enhancements to Splunk Enterprise, review our security features in depth, and explain why these updates are important for you and your organization.

Preparing for Zero Trust and planning your strategy

I listened in on a neat webcast recently, which was jointly produced by AT&T Cybersecurity and Palo Alto Networks: “Preparing for Zero Trust and Planning your Strategy.” Panelists were John Kindervag, Field CTO, Palo Alto Networks, Steve Sekiguchi, Director, AT&T Chief Security Office, Bindu Sundaresan, Director, AT&T Cybersecurity and Tawnya Lancaster, Lead Product Marketing, AT&T Cybersecurity.

Webinar | Industry Best Practices for SSH Access | Teleport | How To

We've all used SSH dozens of times, but do we really understand how to SSH properly? Using such a powerful tool can come with a lot of risks, especially when we're on highly distributed teams with well-trodden workflows that can be tough to change. In an era of sophisticated phishing attacks and threats always knocking at our doors, we could all use a little help with making sure our infrastructure is as secure as it can be.

The Migration From PA-DSS to SSF: Everything You Need to Know

Technology is constantly changing and advancing. Payment platforms are no exception. As these new platforms emerge, the software supporting the platform must be reliable and secure. Without secure payment platforms, payment transactions and data could be compromised. The PCI Software Security Framework (SSF) sets standards and requirements for both traditional and modern payment software.