Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Here is the story of how we caught a ransomware attack in our research honeypot. Ransomware attacks on enterprise organizations lead the news. See Change Healthcare and Ascension. Attackers spend their time on the victim’s network, exfiltrate gigabytes of sensitive data, then lock victim’s systems — and ask for millions of dollars in ransom payment. We also hear news about how AI is used maliciously.

We’re excited to share that we've expanded Vanta’s security and privacy training library with additional training modules, including AI Risk, Secure Coding, Insider Threat, and Social Engineering.

The current situation with legacy on-premises security defenses trying to support a hybrid work environment and zero trust principles is challenging for companies. Complications can include poor user experience, complexity of disjointed solutions, high cost of operations, and increased security risks with potential data exposure. Simple allow and deny controls lack an understanding of transactional risk to adapt policy controls and provide real-time coaching to users.

A third-party risk assessment pulls risk vendor risk data to help cybersecurity teams understand how to best mitigate supplier risks. Though the field of Third-Party Risk Management (TPRM) is evolving to prioritize compliance, security, and supply chain risk, third-party risk assessments could also be used to uncover an organization’s exposure to financial, operational, and reputational risks stemming from its third-party network. Learn how UpGuard streamlines Third-Party Risk Management >

Cyber resilience is becoming increasingly complex to achieve with the changing nature of computing. Appropriate for this year’s conference theme, organizations are exploring “the art of the possible”, ushering in an era of dynamic computing as they explore new technologies. Simultaneously, as innovation expands and computing becomes more dynamic, more threats become possible – thus, the approach to securing business environments must also evolve.

The cybersecurity world is no doubt aware that the National Vulnerability Database (NVD) has been experiencing issues over the last three months.

The US Director of National Intelligence (DNI) earlier this month gave a stark warning to the Senate Armed Services Committee detailing the cyberthreats arrayed against the US and the world from China, Russia, North Korea, and Iran.

CrowdStrike is excited to bring new capabilities to platform engineering and operations teams that manage hybrid cloud infrastructure, including on Red Hat Enterprise Linux and Red Hat OpenShift.