Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Technology

How we created the first conversational AI cloud security analyst

In the rapidly evolving landscape of cybersecurity, the need for a robust and intelligent assistant capable of analyzing, summarizing, and reacting to events is paramount. This is why we designed Sysdig SageTM, our large language model (LLM)-based cloud security analyst, to be an expert in cloud detection and response (CDR). Sysdig Sage excels at summarizing complex events and providing clear explanations, which is crucial for identifying and promptly reacting to potential threats.

Time is of the Essence: Shrinking MTTR in API Security

In the fast-paced world of cybersecurity, every second counts. When an API attack occurs, the speed at which your security team can detect, understand, and respond to the threat can mean the difference between a minor incident and a major data breach. This is where Mean Time to Resolve (MTTR) comes into play. MTTR is a key performance indicator (KPI) that measures the average time it takes to resolve a security incident, from the moment it's detected to the point where it's fully mitigated.

CISOs are concerned about new AI pressures - what can they do about it?

The pressure on security teams has never been greater. With an ever-evolving threat landscape, resource constraints, and now the rapid adoption of artificial intelligence (AI) technologies, Chief Information Security Officers (CISOs) are facing unprecedented challenges. This was one of the clear takeaways from our recent report CISO perspectives: separating the reality of AI from the hype, in which 53 CISOs shared their opinions and experiences of AI’s impact on their security operations.

How Attackers Use APIs to Disguise Bots as Games Consoles

Attackers and bot authors are continually evolving their methods, shifting their focus beyond just websites. With websites often having a reasonable level of protection, malicious actors are increasingly targeting less-protected areas, namely APIs, with their bots. This blog post delves into the evolving threat landscape. We’ll focus on how attackers exploit APIs and IoT devices to launch attacks like credential stuffing, using streaming services as a prime example.

Gartner Insights: Navigating the Evolving API Protection Market and Taking Action

Securing your API ecosystem is increasingly complex, leaving organizations unsure where to begin. Gartner's 2024 Market Guide for API Protection offers clear guidance: Understanding your API attack surface and prioritizing your security efforts is crucial. Once you have visibility into your API landscape, you can implement appropriate security measures to protect your APIs from abuse and access violations.

API Security Testing on Free Swagger collection

API security is a critical aspect of modern web applications, ensuring that your APIs are robust and secure from potential threats. In our latest video, we dive into API security testing using a free Swagger collection. Swagger, an open-source framework, allows developers to design, build, document, and test their APIs with ease. By leveraging Swagger collections, you can perform comprehensive security testing to identify vulnerabilities such as injection flaws, data exposure, and improper authentication. This proactive approach helps in mitigating risks and protecting your API endpoints from malicious attacks.

Thwarting Cyberattacks: Top In-House Solutions

There is no doubt that the number (and severity) of cyberattacks is on the rise. While the lion's share of attention has been devoted to major breaches that often impact multinational organisations, the fact of the matter is that small- to medium-sized enterprises are also at risk. This is why managers and stakeholders must adopt the latest safety protocols to avoid incidents that might otherwise quickly bring operations to a halt. Let us look at four practical suggestions, and the unique benefits associated with each.

How to Securely Use AI in Your Business

Since ChatGPT's launch in November 2022, generative AI-based services have flooded nearly every single sector. While these tools have the potential to greatly increase work productivity, they also introduce risk that organizations may not be aware of. Some companies have taken the hardline approach of banning employee access to AI tools, but following that path runs the risk of leaving you lagging behind your competition.