Machine learning has infiltrated the world of security tooling over the last five years. That’s part of a broader shift in the overall software market, where seemingly every product is claiming to have some level of machine learning. You almost have to if you want your product to be considered a modern software solution. This is particularly true in the security industry, where snake oil salesmen are very pervasive and vendors typically aren’t asked to vigorously defend their claims.

Australia’s government has big aspirations to increase public service capability and capacity. By reducing its reliance on external firms and bringing capabilities in-house, the government hopes to boost efficiency, improve spending, and become a more equitable, inclusive employer. This transition won’t necessarily be easy. Manual processes and disparate legacy systems will make it difficult for government agencies to deliver great employee experiences.

“Automation” and “orchestration” are terms that frequently appear within the same sentence – which is unsurprising, because they are closely related. In fact, they’re so similar in meaning that it can be easy to confuse their meanings or assume that there is basically no real difference between security automation and orchestration. But, as with many concepts in the world of IT and security (“observability” vs.

Developers are building features at an unprecedented speed using what they need from the software ecosystem. These ever-expanding options include open-source libraries and packages, SaaS tools, deployment systems, cloud services, and more. To keep things secure, we always need the same thing: a secret.

For its 25th year, Black Hat USA presented a “unique hybrid event experience, offering the cybersecurity community a choice in how they wish to participate” virtually or in person. It was a jam-packed four days of trainings, conferences, briefings, special events, and cybersecurity solutions.

Does it seem like everyone’s talking about Zero Trust? Maybe you know everything there is to know about Zero Trust, especially Zero Trust for container security. But if your Zero Trust initiatives are being met with brick walls or blank stares, maybe you need some help from Gartner®. And they’ve got just the thing to help you explain the value of Zero Trust to your leadership; It’s called Quick Answer: How to Explain Zero Trust to Technology Executives.

Innovation in DevSecOps must keep pace with the speed of the dynamic, volatile modern cybersecurity environment. Yesterday’s solution worked beautifully…yesterday. What has it done for me today? Continual iteration and speed are paramount, but they’re not without risks. As a SaaS provider, how do you know that the latest evolution of your product works at scale? How do you know that it works at all?

In this issue of the Calico Community Spotlight series, I’ve asked Burak Tahtacioglu from ParkLab Technology to share his experience with Kubernetes and Calico Open Source. Let’s take a look at how Burak started his Kubernetes journey, and the insights he gained from Calico Open Source. Q: Please tell us a little bit about yourself, including where you currently work and what you do there. I am a Sr. Software Developer in our Developer Experience team.

Back in May of this year, Verizon published its 15th annual Data Breach Investigation Report (DBIR) for 2022 which states that 82% of breaches involved the human element, whether it is the user of stolen credentials, phishing, misuse, or an error, people are the biggest contributors to security incidents and breaches. The past several months has also resulted in numerous phishing attacks via corporate email and SMS text messages.

In just three quarters since Torq was officially launched, our visionary team has delivered a 385% increase in customers, resulting in 360% quarter-over-quarter growth. We’ve also boosted our headcount by 150% and now have more than 100 technology integration partners, including Armis, Orca, SentinelOne, and Wiz. In addition, we recently opened new offices in the UK, Spain, and Taiwan

Zero Trust security is gaining attention and momentum as a security approach or mindset that can improve the security posture of enterprises as they continue to battle hackers. Because of this widespread attention on Zero Trust, every software security vendor seems to be jumping on the Zero Trust bandwagon. However, Zero Trust is not a product or service. No single product or vendor can sell you Zero Trust security.

Ciara lists 10 ways to make your software pipelines more transparent and observable to gain insights, identify unusual behavior and possibly prevent a software supply chain attack.

A SIEM (Security Information Event Management) platform, along with several other tools that make you crave Alphabet Soup (XDR, UBA, NDR, etc), is a critical component of any organization’s security infrastructure. Between a constantly growing volume of logs, increasing attacks and breaches, and challenges finding qualified staff, many organizations may consider a SIEM migration. There could be several reasons for this.

We’ve entered a time when hard drives are becoming less important than data speeds, syncing, and remote storage. More and more end-users are saving their files in the cloud for convenience, safety, and cost savings. That said, some people still have concerns about cloud computing -- namely around security. How safe are files that are stored hundreds or thousands of miles away, on some other organization’s hardware?

Ransomware is the gift that keeps on giving. Old as it is (33 years) ransomware is constantly morphing into new exploits. The reason is simple. Ransomware works and too often cybercriminals walk away with bags of money (or piles of Bitcoin, anyway). “Following the World Health Organization's AIDS conference in 1989, Joseph L. Popp, a Harvard-educated biologist, mailed 20,000 floppy disks to event attendees.

“Why is it so bad right now? Why does it seem like we’re fighting this up-hill battle?” The internet, it seems, is having a mid-life crisis. As industries progress through their life cycle, they are expected to reach a quasi-steady state of maturity, but the internet hasn’t gotten that message. In fact, it seems to be stuck in the growth phase, expanding exponentially with no end in sight, and securing it just feels so hard. Let’s dive into my Black Hat recap.

InfoSec, like any other aspect of IT, is a matter of three factors coming together: people, process and technology. All of these factors cost time and money in some way. The truth is, there are very few organizations out there who can supply their own security programs, staff, technology, processes and everything needed for InfoSec to an efficient degree. Everyone has to compromise in some way.

In our RESOLVE ’22 event The SOC and the NOC, moderator and 3 Tree Tech VP of Cybersecurity Kris Taylor welcomed two esteemed guests to the stage: As Kris noted at the top of the event, we brought our panelists together to talk about “the culture of the network operating center (NOC) and security operations center (SOC).” Along the way, they discussed different philosophical and practical takes on the high-level topics of networking and security.

When people hear ‘microservices’ they often think about Kubernetes, which is a declarative container orchestrator. Because of its declarative nature, Kubernetes treats microservices as entities, which presents some challenges when it comes to troubleshooting. Let’s take a look at why troubleshooting microservices in a Kubernetes environment can be challenging, and some best practices for getting it right.

There’s no doubt that the typical modern enterprise generates large amounts of data that must be moved, analyzed, and safely stored. Because much of this data involves the privacy of users and customers, various laws and regulations have been created to drive strong protection practices. While these regulations vary a great deal from country to country, the underlying concept remains the same: keep data safe while making it available to authorized users when they need it.

What’s autorun? Autorun is a feature of the Masterfiles Policy Framework (MPF)1 that simplifies the process of adding and executing new policy. We have talked about Modular policies with autorun and the Augments before. This time, we dig into autorun a bit deeper to explore some of its current features and look at how to implement your own as we did during The Agent is In, Episode 15 - Extending Autorun

It’s difficult for even the most advanced security teams to stay on top of evolving incursions and ensure their processes effectively map to prevent them. That’s where pre-built templates come into the conversation. No-code, security automation templates can handle the considerable burden of having to maintain and update processes that integrate with a company’s security stack.

The cyberthreat landscape has expanded in recent years, accelerated by enterprises promoting remote work and more reliance on cloud computing. These are a business necessity, and yet, facing down cybersecurity threats often doesn’t come with an expansion of resources to address them. In a future post, I’ll discuss more about the Security Poverty Line, and how organizations deal with its harsh trade-offs and compromises in an uncompromising landscape.

The security of payments is underlined in multiple visuals we confront each day while visiting numerous websites and apps. Can businesses and customers benefit from that? Any company handling cardholder data, whether a startup or an enterprise, must adhere to the Payment Card Industry Data Security Standard (PCI DSS). You must validate your compliance annually in order to remain compliant.

More and more companies around the world are using cloud solutions to run their applications, software or to store their data. But what about cloud compliance? The democratisation of the cloud is not surprising as it provides access to virtual data storage where companies no longer need to buy or maintain their own IT infrastructure. However, with cloud solutions, the security of user data should not be overlooked. There are cloud certifications and regulations that can help you in your choice.

Last year, we announced our partnership with the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) to work on the Implementing a Zero Trust Architecture project. After a year of collaboration with its industry partners, including Ivanti, NIST recently released its preliminary draft, NIST Cybersecurity Practice Guide SP 1800-35 Vol B, for public comment.

When creating an application, developers often rely on many different tools, programs, and people. This collection of agents and actors involved in the software development lifecycle (SDLC) is called the software supply chain. The software supply chain refers to anything that touches or influences applications during development, production, and deployment — including developers, dependencies, network interfaces, and DevOps practices.

StatusGator now supports Two-Factor Authentication, often called 2FA, a more secure way of signing into your account. Using an authenticator app such Google Authenticator, Authy, or a password manager like 1Password, you can now protect your StatusGator account with a second authentication factor, a one-time password (OTP) that you enter after signing in.

In today's world, information security is a noteworthy concern for all organisations, including those outsourcing vital enterprise operations to third parties. Enterprises are vulnerable to data theft, extortion, and malware installation when mishandled data, particularly by application and network security providers. American Institute of Certified Public Accountants (AICPA) was the organization that created SOC 2 which stands for ‘Service Organization Control 2'.

Kubernetes has grown immensely, and its use within organizations is maturing. While Kubernetes’ growth is exciting, security concerns around applications deployed on Kubernetes are mounting. Red Hat performed a survey with hundreds of DevOps professionals, and it showed that 55% delayed application releases due to security issues.

Organizations leverage many different cybersecurity and observability tools for different departments. It’s common to see the IT department using Splunk Enterprise, while the SOC uses Exabeam. Both of these tools use separate agents, each feeding different data to their destinations. Normally this isn’t a problem unless you’re talking about domain controllers. Domain controllers only allow a single agent, meaning you can’t feed two platforms with data.

With 2021 seeing 5.1 billion records breached and an annual increase in attacks at 11%, the risk of security incidents is only getting greater every year. And when an attack hits, the cost to recover, which includes fines, penalties, legal fees, and much more, are also great. To help minimize the scope of financial damage, many organizations turn to cyber insurance. Albeit a relatively new branch of insurance, demand is already huge and ever increasing.