Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In August 2022, LastPass suffered a data breach with escalating impact, ultimately resulting in a mass user exodus toward alternative password manager solutions. This post provides an overview of the timeline of events during the LastPass cyber attack and critical lessons to help you avoid suffering a similar fate. Learn how UpGuard streamlines Vendor Risk Management >

In this blog post, we will introduce the concept of behavioral Cloud Application Detection & Response (CADR). In case this is the first time you have heard of CADR, we’ll start by explaining that concept and explain why it’s essential for protecting modern applications. Let’s go.

In today’s rapidly evolving cybersecurity landscape, businesses face an ever-growing number of threats. From sophisticated malware attacks to data breaches, staying ahead of cybercriminals can feel like a daunting task. One essential tool in defending your organization is a Security Information and Event Management (SIEM) system.

If you thought PCI DSS 4.0.1 was just a minor tweak to the old requirements, think again. 2025 is here, and it’s clear that many SAQ A-EP merchants are still missing critical steps needed to stay compliant. In fact, we noticed that over 90% of SAQ A-EP merchants aren’t aware that they need to implement new technical measures to address Requirements 6.4.3 and 11.6.1.

It only takes seconds for a normal workday to turn disastrous. No matter what industry you’re in, handling your IT obligations is crucial. A single data breach costs an average of $4.5 million to overcome. Many people choose to outsource these responsibilities, but not everyone knows how to find the right provider. This is especially true when looking for an MSSP vs MSP. Knowing the difference can help you make the best decision for your IT operations and overall business security.

If you’re here, you know the basic DevSecOps practices like incorporating proper encryption techniques and embracing the principle of least privilege for access control. You may be entering the realm of advanced DevSecOps maturity, where you function as a highly efficient, collaborative team, with developers embracing secure coding and automated security testing best practices.

Kubernetes security is a critical part of the app lifecycle, through the build, deployment and runtime stages. Kubernetes runtime environments are dynamic and continuously changing. As clusters are replaced and permissions reassigned, security becomes an innate part of DevOps. It is important to ensure that malware and other malicious attacks do not access the cloud, as they might lead to system failures, servers going down, and more.