Technology

Cloudflare account permissions, how to use them, and best practices

Sep 25, 2023 By Joseph So In Cloudflare

In the dynamic landscape of modern web applications and organizations, access control is critical. Defining who can do what within your Cloudflare account ensures security and efficient workflow management.

Read Post

Cloudflare

Read more about Cloudflare account permissions, how to use them, and best practices

Ensuring vendor integrity: Why the cloud shouldn't be your only backup

Sep 25, 2023 By Zachary Curley In AT&T Cybersecurity

As a senior consultant I deal with customers across numerous industries and maturity levels. I am often engaged in conducting risk assessments or gap analysis aligned with common frameworks such as the National Institute for Standards and Technology’s (NIST) Cybersecurity Framework (CSF). Most, if not all, the frameworks have a few controls that focus on the organization’s backup processes and disaster recovery plans.

Read Post

AT&T Cybersecurity

Read more about Ensuring vendor integrity: Why the cloud shouldn't be your only backup

2023 OWASP Top-10 Series: API9:2023 Improper Inventory Management

Sep 23, 2023 By Wallarm In Wallarm

Welcome to the 10th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API9:2023 Improper Inventory Management. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.

Read Post

Wallarm

Read more about 2023 OWASP Top-10 Series: API9:2023 Improper Inventory Management

Enterprises Are Hesitant to Share Data with LLMs. Here's Why.

Sep 22, 2023 By Anwita Dhar In Protecto

Large language models like OpenAI’s GPT, Anthropic’s Claude, and Google’s Gemini have changed the way businesses process and transmit sensitive data. LLMs boosted productivity and enhanced customer experience like never before, triggering unprecedented adoption across enterprises. Amidst all the rush and excitement, the negative impacts were overlooked and swept under the carpet – till it became a privacy and compliance issue.

Read Post

Protecto

Read more about Enterprises Are Hesitant to Share Data with LLMs. Here's Why.

Protecting from Threats Caused by OpenAI and LLM Tools | Mona Salvi (Senior Director, HubSpot)

Sep 22, 2023 By Indusface In Indusface

Here are some highlights of the conversation between Mona Salvi (Senior Director - Product Security, HubSpot) and Venky (Founder, Indusface). She talks to Venky about building a unified organization structure and North Star metrics to drive security-related initiatives in a cohesive working environment. She also shares how to manage three pillars - platform security + trust & safety + payments fraud together under a single leadership umbrella.

View Video

Indusface

AI
Security

Read more about Protecting from Threats Caused by OpenAI and LLM Tools | Mona Salvi (Senior Director, HubSpot)

Typo traps: analyzing traffic to exmaple.com (or is it example.com?)

Sep 22, 2023 By João Tomé In Cloudflare

A typo is one of those common mistakes with unpredictable results when it comes to the Internet’s domain names (DNS). In this blog post we’re going to analyze traffic for exmaple.com, and see how a very simple human error ends up creating unintentional traffic on the Internet. Cloudflare has owned exmaple.com for a few years now, but don’t confuse it with example.com!

Read Post

Cloudflare

Read more about Typo traps: analyzing traffic to exmaple.com (or is it example.com?)

How to Secure a REST API

Sep 22, 2023 By Jeff Darrington In Graylog

Sitting at your desk, coding away with another cup of your favorite caffeine-infused beverage, you might be thinking to yourself, “it’s true what they say about no rest for the weary.” If you’re developing an app or architecting a cloud-native system, you can actually get the REST you need with the right Application Programming Interface (API). REST APIs provide a scalable, flexible, easy-to-use interface that makes developing and connecting web apps easier.

Read Post

Graylog

Read more about How to Secure a REST API

How to Secure Remote Workers and Cloud Access at the Same Time

Sep 22, 2023 By CISO Global In CISO Global

In an era where remote work and cloud-first applications have transformed the business landscape, hardening cloud and remote access has never been more critical. Join us for a live event to explore cohesive strategies for safeguarding your organization's most valuable assets in the cloud. Thought leaders Jerald Dawkins, Ph.D., Chris Clements, and Michael Oglesby will introduce Argo Edge, a cutting-edge cloud-first security solution, and how it addresses these challenges head-on. Learn more about how to provide robust protection for your users – regardless of their location.

View Video

CISO Global

Read more about How to Secure Remote Workers and Cloud Access at the Same Time

Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

Sep 22, 2023 By Michael Haag In Splunk

On September 4, 2023, CERT-UA revealed a meticulously planned cyberattack targeting Ukraine's critical energy infrastructure. The attack's modus operandi was distinct; it utilized deceptive emails containing bait links, luring victims into downloading a seemingly innocuous ZIP archive. This archive, however, harbored malicious files designed to hijack the victim's computer, redirecting data flows and exfiltrating sensitive information using services like mockbin.org and mocky.io.

Read Post

Splunk

Read more about Mockbin and the Art of Deception: Tracing Adversaries, Going Headless and Mocking APIs

Analyzing EKS cluster data with Calico and SIEM to detect threats and improve security

Sep 21, 2023 By Joao Coutinho In Tigera

Security Information and Event Management (SIEM) is essential for enterprise organizations because it provides the tools and capabilities needed to effectively monitor, detect, respond to, and mitigate cybersecurity threats, while also supporting compliance and overall security strategy enhancement.

Read Post