Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Salt Security Empowers API Governance with New Posture Policies Hub

In today's digital age, applications are no longer monolithic structures but intricate mosaics of interconnected APIs. These APIs are the foundation of modern software and allow for smooth communication and data exchange, providing the dynamic functionality users expect. However, as connectivity increases, so does the risk of exposure to cyberattacks. The security of APIs has become extremely important as cyber threats target these crucial points.

Introducing Postman Collection Support for API Security Testing

In today's digital landscape, Application Programming Interfaces (APIs) play an important role in driving innovation. They allow teams to integrate new applications with existing systems, reuse code and deliver software more efficiently. But, APIs are also prime targets for hackers due to their public availability and the large amounts of web data they transmit. API vulnerabilities can lead to unauthorized access, data breaches, and various other forms of attacks.

2024 Bitsight Ratings Algorithm Update: Purpose, Observations, and Impact

As our 2024 Rating Algorithm Update (RAU) goes live on July 10, 2024, we wanted to share some research that validates this update and reinforces the importance of the RAU process. As we noted in our announcement blog, after RAU 2024, remediated Patching Cadence findings will impact the Bitsight Rating for 90 days after the last vulnerable observation instead of 300 days.

Teleport 16

It’s that time again — for a brand new major release. Our team releases major versions of Teleport every 4 months. Here we introduce Teleport 16. This post goes into detail about Teleport 16 breaking changes, bug fixes and improvements. In Teleport 16, we focused on new features and enhancements to enable our customers to implement mitigations to protect against an IdP Compromise.

Available Now: Veracode Scan for JetBrains IDEs

Veracode Scan for VS Code was one of the big hits on the expo floor at the RSA Security conference in May this year. People liked the integration of Veracode Static, Veracode SCA, and Veracode Fix into a single extension, giving developers the tools to scan their code and resolve problems with AI assistance while they are actively developing code.

New Secrets Management Capabilities: CyberArk Secrets Hub, CyberArk Conjur Cloud, CyberArk Conjur Enterprise, CyberArk Credential Providers

We’re excited about several new Secrets Management capabilities that we announced at IMPACT 24 in Nashville and around the globe on the IMPACT World Tour. These include CyberArk Conjur Cloud support for Self-hosted PAM, CyberArk Secrets Hub support for Google Cloud and dramatic performance improvements for the Credential Providers with Release 14. AWS also demonstrated their new ”Managed By CyberArk“ capability in the AWS Secrets Manger UI.

Never Miss a Critical Alert: Graylog 6.0 Elevates Security Alerting with Pushover Integration

Responding rapidly to cyber threats is a make-or-break capability in today’s high-stakes security environment. A missed alert can quickly escalate a minor incident into a major crisis, jeopardizing your organization’s critical assets and hard-earned reputation. A recent IBM study revealed that companies took an average of 237 days to identify a data breach in 2021 — an inexcusable delay that could invite catastrophic consequences. (Source: IBM Cost of a Data Breach Report 2022)

Introducing New Investigation Features for Sysdig Secure

Cloud migration and continuous innovation provide organizations with substantial gains in speed, scalability, and cost (to name a few). Most security teams have no choice but to make the jump to the cloud, in at least some capacity, to support and protect this rapidly expanding attack surface. But organizations and security teams aren’t alone. Threat actors have been readily adapting their craft to take advantage of cloud speed.

Get to Know MXDR: A Managed Detection and Response Service for Microsoft Security

The Microsoft 365 E5 license gives users entitlements to numerous Microsoft Security products—so many, in fact, that as companies deploy the Microsoft Security suite, they may need a managed detection and response (MDR) service to get the most out of it. Enter Trustwave Managed Extended Detection and Response (MXDR) for Microsoft, an MDR service built specifically for Microsoft Security customers.

BDRSuite v7.1.0 is Generally Available Now!

We are excited to announce that BDRSuite v7.1.0 is now generally available! This latest release brings a host of new features, enhancements, and performance improvements designed to provide even more robust and efficient data protection for your IT environment. With BDRSuite v7.1.0, users can expect enhanced backup and recovery capabilities, greater ease of use, and increased reliability.