Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Employees in the post-lockdown world have bid goodbye to traditional work environments. Remote and hybrid work is the new normal, with employees expecting full access to their work resources even when working remotely. They might also use multiple devices, even personal ones, to access corporate data.

Email allows people to instantly connect with others across the world and share almost any information they want. They frequently contain text, document attachments and multimedia such as images and videos. With all of this information able to be shared, chances are you’ve sent a good amount of sensitive information to other people over the years – and that makes your email account a target for cybercriminals.

Identity fraud is the unauthorised use of a person’s personal information by another person to commit a crime or deceive or defraud that person or a third party in order to take advantage of the pleasures that come with that synthetic identity. The majority of identity fraud is performed for financial gains, such as gaining access to a victim’s credit card, bank accounts, or loan accounts.

I remember where I was sitting when I read Mandiant’s first M-Trends report on the advanced persistent threat in 2010. I was a technical director at the National Security Agency in the office of Tailored Access Operations (TAO). At that time, my job was to build computer network exploitation (CNE) tools to collect foreign intelligence.

Inversion of control (IoC) techniques give developers a way to break out of traditional programming flow, and it offers them more flexibility and greater control over their code. Dependency injection, one form of IoC, is a pattern that aims to separate the concerns of constructing objects and using them. In this article, you’ll learn what dependency injection is, when you should use it, and what popular JavaScript frameworks it’s implemented in.

Today, web and mobile applications and API-based microservice endpoints are becoming the default. These applications are reachable through the HTTP web protocol. The encryption provided by a Secured Socket Layer or Transport Layer Security (SSL/TLS) is a must to secure the communication between client and server and across API back-ends. SSL/TLS are certificate-based encryption mechanisms. SSL has been the standard for over 20 years.

Remote work has significantly changed how employers hire and manage employees. Research shows the remote trend is only rising. 58% of US workers have the option to work remotely. More companies are leveraging talent across the U.S. and the world, making their companies stronger and more diverse.

With the enormous utilization of the internet and business goals to save additional expenses, SaaS applications are coming to light. Such applications are now running in every organization, handling extensive confidential information. Therefore, it makes firms focus more on understanding SaaS application security. So, we have curated the most prominent SaaS app security aspects, covering the primary user’s perspective from each end. Let’s have a look at it.

This is the fifth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. While IT and security professionals all generally agree that cyberattacks are on the rise, there remains a great deal of disparity in how they choose to prepare for those attacks.