Originally published by Dazz.Written by Tomer Schwartz, Co-founder & CTO, Dazz.In the intricate world of software supply chain, the recent near-miss incident with CVE-2024-3094–the xz/liblzma backdoor–serves as a potent reminder of our system’s fragility and the constant vigilance required to safeguard it. In short, a widely used open source package was compromised to add a […]
Category Archives: Cloud Security Alliance
Category Added in a WPeMatico Campaign
CSA was the only nonprofit to be named in the reportSAN FRANCISCO (RSA Conference) – May 7, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, is pleased to announce that it was selected as a leading […]
Originally published by Abnormal Security.Written by Mike Britton.In the ever-evolving world of cybersecurity, the role of Chief Information Security Officer (CISO) has been firmly established as a critical position. And while the journey to becoming a CISO can be challenging, the destination is undoubtedly rewarding—and certainly never dull.Whether you’re taking your first steps on the […]
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.In early 2024, I had the privilege of teaching a SANS leadership course in New Orleans. The food was amazing, as expected. What I didn’t expect was the sheer number of operational technology (OT) security professionals who would be in attendance. As I attended […]
Originally published by Reco.Written by Gal Nakash.What is Microsoft Copilot for Security?Microsoft Copilot for Security is an innovative component of the Microsoft security product portfolio. It is essentially engineered to redefine the management of security incidents. This solution is deeply integrated with Microsoft 365, offering a sophisticated AI-powered platform to cybersecurity professionals. It simplifies the […]
Originally published by Cloud Computing Consultants.Cloud migrations are complex. Rapidly evolving technology, team culture changes, and changing architectural requirements leave companies seeking options to alleviate their cloud migration paths. As a result, businesses are bombarded with a slew of “best practices” and “reference architectures” purported to guide them toward the most efficient, secure, and cost-effective […]
Originally published by Cyera.Healthcare organizations face rising cybersecurity threats looking to exfiltrate patient data. This article explores major healthcare data breaches, the value of stolen medical info, and how data security posture management (DSPM) solutions provide comprehensive data mapping, classification, monitoring, and access controls to secure sensitive health data.The healthcare industry holds a vast amount […]
Originally published by Schellman.Did you recently implement a new artificial intelligence (AI) feature within your application and now your customers are starting to ask for AI-specific penetration tests? Are you curious as to how an assessment like that would work? As with all these exercises, it starts with scoping.Scoping goes beyond just deciding the boundaries […]
Originally published by CXO REvolutionaries.Written by Ben Corll, CISO in Residence, Zscaler.Ransomware – malicious software that encrypts data until a ransom is paid for its return or is leaked without its owner’s consent – remains a persistent threat despite ongoing efforts to combat it. Even with the billions of dollars spent to defend against it, […]
Originally published by Dazz.Written by Noah Simon, Head of Product Marketing, Dazz.The goal of DevSecOps is to integrate security practices into the DevOps process. While much of the narrative of DevSecOps has been around writing ‘more secure code’, the narrative has expanded recently. Mature DevSecOps practices now include: Securing development environments themselves (i.e Source Code […]