Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today we are proud to announce general availability of our patented cloud-based endpoint data loss prevention (DLP) solution. The release of endpoint DLP expands the already comprehensive Netskope DLP platform and represents a major milestone in data protection, as it enables customers to protect data anywhere, across their hybrid enterprise ecosystem and in the cloud. Let’s look at why this is so important.

XML is a human-readable text format used to transport and store structured data. Tags and data structures are defined by users in self-describing documents that are universally parsable by any XML tool, giving developers a highly configurable mechanism for data representation. To build on XML’s limited base syntax, an author can define the structure and acceptable content of a document’s data using a document type definition (DTD).

APIs are a critical component of today’s development landscape because of their importance in microservices. Since modern software is often composed of various microservices, certain functionalities may be beyond the scope of an individual API. With an API gateway, we can aggregate those services to behave as if they were a single API, and return complex responses from disparate microservices through a single call to an API gateway.

The August 4th compromise of Twilio via a targeted smishing attack has been a topic of wide concern and discussion on social media. My first thoughts on hearing of the attack were to virtually “pat myself down” with regard to exposure risk. Kind of like that feeling when you’re not sure if your car keys or wallet are in your pocket a few blocks after walking away from your parking space. Is my company affected by the breach? Did we receive a notification email from them?

The world is becoming a smaller place. The prospect of working in another country becomes increasingly realistic and even promising as businesses migrate toward the cloud and collaborate more closely with international partners. Amid this shift, cybersecurity professionals may wonder if they can work abroad. Cybersecurity is a worldwide concern, creating plenty of global opportunities for security professionals.

It is hard to believe, but ransomware is more than three decades old. While many would think that the ransomware mayhem started with the WannaCry attack of 2017, that is simply the most publicized example. Since then, dozens of ransomware strains have been utilized in a variety of cyberattacks.

As software engineers, we are incredibly busy. We’re designing new features, writing tests and implementing code, debugging, opening pull requests, and performing code reviews. That’s not to mention all of the DevOps stuff that our teams have us doing nowadays, too. Oh yes, and then there are stand-ups, check-ins, one-on-ones, and all-hands. The thing is: you don’t have time to waste. If there is wasted time in your workweek, it’s worth looking into how to recapture that time.

These security websites will help your team up-to-date on the latest cybersecurity scams. It is important to keep up with the latest cyber security threats and how to protect your company from them. With so many websites and articles out there on the topic, it can be difficult to know which ones are worth reading.

File integrity monitoring (FIM) started back in 1997 when Gene Kim launched Tripwire and its “Change Audit” solution. Just a few years later, Change Audit became FIM; this rebranded tool worked with the 12 security controls identified in Visa’s Cardholder Information Security Program (CISP). CISP became PCI DSS 1.0, and things continued to evolve after that. Which brings us to the present day.

AT&T Alien Labs has discovered a new malware targeting endpoints and IoT devices that are running Linux operating systems. Shikitega is delivered in a multistage infection chain where each module responds to a part of the payload and downloads and executes the next one. An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed and set to persist.