Cross-Site Request Forgery (CSRF) explained
What is CSRF and how can you fix it? Fredrik explains how CSRF is created and how it can be used to exploit a user or a website. He also provides tips on how to mitigate it.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
%term
Don't Use Production Data In Your Test Environment: The Impact Of Leaked Test Credentials
To deliver technology products and services, companies use multiple technology environments so that changes, updates, and testing can be completed in a controlled way without interrupting customer experience. This is a best practice approach that maintains high levels of system stability, uptime and security. These “non-production”, or test environments should ideally be completely disconnected from production environments to prevent security incidents and bugs.
What you should do after a spear phishing attack
We all know information security is complicated and multi-faceted. You have plans to defend you from countless types of attacks and threats, but the risk is still there. Spear phishing is a common threat and your organization should have a plan of how to respond in the event of this type of attack.
The Netacea Virtual Waiting Room
Netacea’s Virtual Waiting Room is a cloud-based service that sits in front of your website, mobile app and APIs, controlling the flow of visitors. Guarantee a positive customer omni-channel experience even under extreme conditions such as Black Friday. The use of online services has revolutionised the way we consume everything every day, which has made life great! What’s not so great though is when these services cannot meet the consumer demand that they generate, and then become unavailable.
Top Reasons to Choose Spambrella when relying on Office 365 security
Organizations Using Office 365 Are Choosing Spambrella For The Following Reasons...
Sales Play Book - Value Proposition
Today’s email attacks (ransomware, business email compromise, and sandbox evasion) have evolved, and are outpacing the tools developed to combat them. While they may help with some aspects of email security or stop some attacks, they don’t solve the whole problem and attacks need only succeed once to seriously harm people, data, and brands. Partial security is not security.
Observability and Visibility in DevSecOps
Companies often turn to software as a solution when they need to solve a problem. Whether it’s to automate or enhance a task, or gain valuable information in an easily consumable fashion. The same is true for security teams on both sides of the red and blue line. Security professionals build tools to automate exploitation, detect attacks, or process large amounts of data into a usable form.
Building and Evaluating a Threat Intelligence Program (Part 2)
In the second part, we will take the discussion forward from where we left in the first part. Earlier, we have discussed the basics of threat intelligence and its types. In this post, we will discuss various considerations while building a threat intelligence plan.
Why Your SOC Needs More Than a SIEM Tool
Cybercrime is becoming more sophisticated by the day. Meanwhile, the price for a breach due to damage and disruption, ransom payments and regulatory fines, is increasing. No wonder there’s more of a need than ever for companies to set up a dedicated SOC using SIEM to identify threats and raise the alarm. But is that enough to fight the hackers?
Exposing the common flaws penetration testers always see
We live in an age where cyber security threats are (or at least should be) at the forefront of everyone’s mind. Very recently, British Airways suffered a huge security breach that led to over 300,000 payment cards being compromised, showing that even the big players can still get hacked if they’re not 100% vigilant.