Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A DPIA is a Data Protection Impact Assessment. It’s an assessment of the likely impact on data subjects (individual) and their rights, both regarding privacy and freedom to conduct business. The goal: To identify what measures might be needed for compliance with GDPR or equivalent legislation elsewhere in the world before beginning a new process involving personal data that will make it clear how that individual’s right is affected by this project.

The new SANS 2021 Report: Top Skills Analysts Need to Master analyzes the need for organizations to invest in improving their security operations and identifies the skills analysts must master to support this initiative. Characterizing an analyst as essentially an investigator, the SANS report breaks the investigative process down into two primary areas: Investigative Tasks and Investigative Thinking.

I’m pleased to announce that Sumo Logic has finalized its acquisition of DFLabs S.p.A., a provider of security orchestration, automation and response (SOAR) software.

Thanks to the growing availability of vaccines and immunization campaigns in multiple countries, the world is starting to see a light at the end of the COVID-19 tunnel. We are eager to return to a new normal, being aware that some changes will be permanent, or if not permanent will strongly characterize the next years.

Open Source software provides the community source code that anyone can inspect, modify, and enhance. OSS is so ubiquitous that it’s even on other planets. This post is for the people who run these projects.

One thing that 2020 taught us is that you can do anything with a mobile device. My smartphone and tablet have become my go-to for shopping, banking, watching TV and video chatting with family and friends. I’m also getting a lot of work done on them. Basically it has become the center of both my personal and professional lives. Here’s the dilemma a lot of organizations are facing: while away from the office, your workers are using their mobile devices to stay productive.

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches. As a result, there has been a consistent rise in tactics and technologies used to combat these threats. These methods fulfill the need for better, smarter ways to augment enterprise-level security and minimize mobile security risks.

NIST compliance is mandatory for federal contractors, but there is a lot of confusion around it. Without it, chances of getting those big projects in the government are significantly skewed. So what is NIST compliance exactly?

Since Google first introduced Kubernetes, it’s become one of the most popular DevOps platforms on the market. Unfortunately, increasingly widespread usage has made Kubernetes a growing target for hackers. To illustrate the scale of the problem, a Stackrox report found that over 90% of respondents had experienced some form of security breach in 2020. These breaches were due primarily to poorly-implemented Kubernetes security.

Understanding what to audit in a network can be chaotic and confusing. Building a complete network security checklist is crucial for organizations with computers connected to the internet or to each other. Think of it like an antivirus scan you might run on your computer to find Trojans or malware, except you’re scanning your entire network to find anything that may cripple it.