Technology

PSD2 & API Security

Oct 1, 2020 By Netacea

The second Payment Services Directive (PSD2) is a data-driven legislation introduced by the European Union (EU) in 2015, with which all payment service providers (PSPs) throughout the EU and beyond must comply. PSD2 expands the scope of 2007's PSD, a directive implemented to make payments across borders as easy, secure and inexpensive as domestic payments. However, a short eight years later, innovations in technology and the prevalence of fintech have created new challenges for the payments industry to address.

Get White Paper

Netacea

Read more about PSD2 & API Security

Dangerous Docs: Surge in Cloud-delivered Malicious Office Documents

Sep 30, 2020 By Ray Canzanese In Netskope

The global pandemic caused an abrupt shift to remote work among enterprise knowledge workers, which in turn resulted in an increase in risky behavior. Attackers immediately tried to capitalize on the pandemic, with COVID-19-themed phishing emails, scams, and Trojans. At the same time, techniques used in more sophisticated cyberattacks continued to evolve.

Read Post

Netskope

Read more about Dangerous Docs: Surge in Cloud-delivered Malicious Office Documents

Demo: Netskope and Kriptos

Sep 30, 2020 By Netskope In Netskope

See how Kriptos and Netskope work together to secure and enable your users.

View Video

Netskope

Read more about Demo: Netskope and Kriptos

Sysdig Boosts AWS Security with the First Automated Inline Scanning for Fargate

Sep 29, 2020 By Sysdig In Sysdig

Sysdig also adds threat detection using AWS CloudTrail with open source Falco.

Read Post

Sysdig

Read more about Sysdig Boosts AWS Security with the First Automated Inline Scanning for Fargate

Shadow IT shaken with a mobile twist

Sep 29, 2020 By Gert-Jan Schenk In Lookout

If you bring up the topic of “shadow IT” to your head of IT, you will likely get a lecture about how employees need to follow protocol when using cloud cloud services so they don’t put the organization at risk. They’re not wrong. Without proper protection, unsanctioned tools can have significant consequences and unintentionally introduce security gaps.

Read Post

Lookout

Read more about Shadow IT shaken with a mobile twist

Leaky Images: Accidental Exposure and Malware in Google Photos and Hangouts

Sep 29, 2020 By Ashwin Vamshi In Netskope

Did you know that the default link sharing option in Google Photos allows anyone with the link to view the files and all images shared in Google Hangouts that are publicly accessible? In this edition of our leaky app series, we will cover how image link sharing in Google Hangouts and Google Photos can lead to the accidental public exposure of sensitive data. We will also look at the threat detection capabilities of Google Photos and Google Hangouts.

Read Post

Netskope

Read more about Leaky Images: Accidental Exposure and Malware in Google Photos and Hangouts

Fargate scanning in under 4 minutes

Sep 29, 2020 By Sysdig In Sysdig

Discover how to scan AWS Fargate containers in under 4 minutes with Sysdig Secure. Sometimes the handoff between your developers and security teams can be tough, especially when you deploy on serverless environments like Fargate, where a lot of the management of the underlying ECS, EKS infrastructure is abstracted from the teams.

View Video

Sysdig

Read more about Fargate scanning in under 4 minutes

iDevNews Application Architecture Summit 2020 | RBAC for SSH and Kubernetes Access with Teleport

Sep 28, 2020 By Teleport In Teleport

Enterprises are best served by leveraging an RBAC system to manage access to their SSH and Kubernetes resources. With Teleport, an open source software, employers are able to provide granular access controls to developers based on the access they need and when they need it. This makes it possible for employers to maintain secure access without getting in the way of their developers’ daily operations. Join Steven Martin, Solution Engineer at Gravitational, as he demonstrates how to assign access to developers and SRE’s across environments with Teleport through roles mapped from enterprises’ identity providers or SSOs.

View Video

Teleport

Read more about iDevNews Application Architecture Summit 2020 | RBAC for SSH and Kubernetes Access with Teleport

Stories from the SOC - Cloud and On-site Protection

Sep 28, 2020 By Edwardo Rodriguez In AT&T Cybersecurity

One of the benefits of having your managed detection and response (MDR) service managed by AT&T Cybersecurity is the visibility into threats from a large number of customers of all sizes and across different industries. This allows the team to take what they learn from one customer and apply it to another. Our security operation center (SOC) analysts were able to use an OTX alarm and an AWS correlation rule to discover open ports on public facing servers for two different customers in 24 hours.

Read Post

AT&T Cybersecurity

Read more about Stories from the SOC - Cloud and On-site Protection

Demo | Access Workflow Integration Using Pager Duty | Privileged Access Management | Teleport

Sep 26, 2020 By Teleport In Teleport

Teleport allows you to implement industry-best practices for SSH and Kubernetes access, meet compliance requirements, and have complete visibility into access and behavior. But invariably, change happens. Teleport allows users to request elevated privileges in the middle of their command-line sessions and create fully auditable dynamic authorizations . These requests can be approved or denied in PagerDuty or anywhere else via a flexible Authorization Workflow API.

View Video