To deliver a secure infrastructure-as-code service, development teams must adopt a "shift left" strategy that brings all the applications and security under one umbrella to provide faster and continuous delivery of the fully automated code, according to Ori Bendet and Igor Markov of Checkmarx.
A key disconnect exists between awareness of financial services fraud schemes and mitigation, according to the latest "Faces of Fraud" survey sponsored by Appgate. Mike Lopez, vice president at the firm, describes some key findings.
With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
Netscout is out with its latest threat report, and the research offers some startling new insights into DDoS, advanced threats and the commercialization of cybercrime. Hardik Modi offers analysis.
CrowdStrike is out with its 2019 Global Threat Report, which includes a ranking of the most dangerous nation-state adversaries. The company's CTO, Dmitri Alperovitch, discusses the report's key findings about threats and threat actors.
Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.
Reviewing 2018 attacks, Jon Clay of Trend Micro, says social engineering persists, including phishing attacks, while criminals also continue to steal credentials, lob ransomware at targets and push cryptomining malware.
As trends such as DevSecOps and agile application development spread, enterprises increasingly are focused on software integrity. Andreas Kuehlmann of Synopsys discusses how to address this shift.
What's hot on the cybersecurity legal front? For starters, in 2018, the U.S. Department of Justice indicted twice as many alleged state-sponsored attackers than it had ever indicted, says Kimberly Peretti of Alston & Bird.
The network is much more than just the sum of its endpoints, and the imperative to secure everything has led to detection and response emerging as a top priority for many organizations, says Chris Morales of Vectra Networks.
Monica Jain has a lot of experience in security operations centers, and she knows much of the tribal knowledge there is not automated or shared. That's why she co-founded LogicHub, a new intelligence automation platform.
At a time when so many new devices are connected to enterprise networks, security leaders struggle just to inventory the devices - never mind secure them. Nathan Burke, CMO of Axonius, a new device management vendor, discusses the niche Axonius fills.
Fraudsters break into your network by phishing for access in increasingly sophisticated ways. Anthony Giandomenico of Fortinet describes the importance of tracing every step in the attack lifecycle when devising an effective security strategy.
How do you effectively secure healthcare networks when so many devices access them? Deena Thomchick of Fortinet discusses the unique challenges faced by healthcare leaders required to guard against incursion, both by outside hackers and insiders.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.