Technology

Phishing Isn't Just an Email Problem... How To Protect Your Business From Phishing

Nov 22, 2022 By Internxt Contributor In Internxt

Don’t panic, but phishing assaults increased by 350% since the pandemic. Phising is one of the most prevalent and effective online con games. To put the scale of the damage it causes into perspective, phishing brings in $1 trillion more a year than Walmart’s total sales. Please, remain calm! When you hear 'phishing,' your first thought that probably comes to mind is 'emails.' Phishing attacks frequently go through emails in the guise of files, PDFs, hyperlinks, and other formats.

Read Post

Internxt

Read more about Phishing Isn't Just an Email Problem... How To Protect Your Business From Phishing

Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Nov 22, 2022 By Adam Murray In Mend

The ongoing growth in the adoption of cloud services poses escalating opportunities and risks in equal measure. The increased capacity and scalability of cloud environment lends itself to an accelerated pace and higher volume of software and application development than ever before. This trend brings into play a huge increase in the number of software components and dependencies that developers use in their code bases.

Read Post

Mend

Read more about Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Project Pyrsia: Securing the OSS Supply Chain

Nov 22, 2022 By JFrog In JFrog

In this video, learn the mission of Project Pyrsia, how it aids in securing the #softwaresupplychain and why it matters—from project partners at JFrog, DeployHub, and Oracle!

View Video

JFrog

Read more about Project Pyrsia: Securing the OSS Supply Chain

Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

Nov 22, 2022 By CrowdStrike In CrowdStrike

CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.

View Video

CrowdStrike

Read more about Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

CSPM - Least privilege principle in practice

Nov 22, 2022 By Nigel Douglas In Sysdig

Cloud Security Posture Management (CSPM) aims to automate the identification and remediation of risks across your entire cloud infrastructure. A core requirement of the CSPM framework is the need to enforce a principle of least privilege. There are certain overlaps with Cloud Infrastructure Entitlement Management (CIEM) solutions. CIEM is a newer categorization that came after CSPM.

Read Post

Sysdig

Read more about CSPM - Least privilege principle in practice

Mobile Device Forensics: Challenges, Threats, & Solutions

Nov 21, 2022 By SecurityScorecard In SecurityScorecard

Mobile forensics is the process of accessing, recovering, and analyzing digital evidence from mobile devices using a court accepted methodology. The information that can be gleaned from a criminal’s phone is highly valuable. That’s why mobile forensics and digital forensics as a whole are valuable assets for law enforcement and intelligence agencies worldwide.

Read Post

SecurityScorecard

Read more about Mobile Device Forensics: Challenges, Threats, & Solutions

Torq's No-Code Security Automation Solution Now Available in AWS Marketplace

Nov 21, 2022 By Eldad Livni In Torq

Torq is proud to announce the immediate general availability of its no-code security solution in AWS Marketplace, the curated digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

Read Post

Torq

Read more about Torq's No-Code Security Automation Solution Now Available in AWS Marketplace

Datadog Cloud Security Management Demo

Nov 21, 2022 By Datadog In Datadog

Datadog Cloud Security Management provides security context for your observability data to help you quickly identify threats and misconfigurations across your infrastructure. In this demo, we show you how Cloud Security Management allows you to remediate threats, collaborate with other teams, and declare incidents for further investigation, giving you complete cloud-native application protection.

View Video

Datadog

Read more about Datadog Cloud Security Management Demo

Best practices for endpoint security in cloud-native environments

Nov 18, 2022 By Mallory Mooney In Datadog

Editor’s note: This is Part 2 of a five-part cloud security series that will cover protecting an organization’s network perimeter, endpoints, application code, sensitive data, and service and user accounts from threats.

Read Post

Datadog

Read more about Best practices for endpoint security in cloud-native environments

TLS Routing Support for Teleport Behind an AWS Application Load Balancer

Nov 18, 2022 By Steve Huang In Teleport

In Teleport 8, we introduced the TLS Routing feature that can multiplex all client connections on a single TLS/SSL port. Recently we've added support for TLS Routing for Database Access when Teleport is deployed behind an AWS Application Load Balancer (ALB). In this article, we will take a deep look at the problem with Teleport behind an ALB and how we solved it.

Read Post