Security practices of apps in the Google Play Store
Monday, September 26, 2022 by Brittany Hainzinger
Data removal company Incogni analyzed the top 1,000 paid and unpaid apps available on the Google Play Store to discover the apps’ privacy and security practices.
Key privacy findings:
1 in 2 apps (55.2%) share your data with third parties.
Free apps share, on average, seven times more data points than paid apps.
The worst categ...
Triller calls on US gov to ban TikTok
Tuesday, July 19, 2022 by Freeman Lightner
Triller calls on CFIUS, President Joe Biden, Congress the Department Of Defense to ban TikTok calling it the largest security threat to America today in an open letter by CEO and Chairman of Triller Mahi De Silva.
As the CEO of a global company whose mission is to help creators take control of their destiny in the creator economy, leveraging transformative adaptive t...
Monetary losses from corporate data breaches in the US
Friday, June 17, 2022 by Freeman Lightner
Data breaches in today’s technology-driven world can affect hundreds of millions, if not billions, at once. Companies must ensure that data is adequately protected. However, some of the largest breaches have occurred in the last decade.
But which state in the United States has suffered the most monetary losses as a result of corporate data breaches?
Intelligent IoT Network lands from Aeris
Tuesday, February 15, 2022 by Richard Harris
Aeris, the Internet of Things (IoT) solutions provider has announced the next generation of its Intelligent IoT Network, a unique suite of Machine Learning and Artificial Intelligence (AI)-based capabilities that enable superior global IoT connectivity and network performance, increased security performance, and best-in-class IoT network support. The Aeris Intelligent I...
Security compliance predictions for 2022
Tuesday, January 18, 2022 by Freeman Lightner
Edward Tuorinsky is the Managing Principal of DTS, a Service-Disabled Veteran-Owned Small Business, that provides information technology and management consulting services in the areas of program management, governance, strategic planning, organization advancement, business process efficiency, software development, system integration, and learning enhancement solutions....
Data privacy predictions from Ground Labs
Monday, January 17, 2022 by Freeman Lightner
As Ground Labs Co-Founder, Stephen Cavey leads a global team empowering enterprise partners to discover, manage and secure sensitive data across their organizations.
Stephen has deep security domain expertise with a focus on electronic payments and data security compliance. He is a frequent speaker at industry events such as PrivSec Global, and his expert analy...
Security analytics platform selects Pulumi Cloud
Monday, January 3, 2022 by Freeman Lightner
Pulumi announced Panther Labs, a security analytics platform company that helps teams detect and respond to breaches at cloud scale, has selected the Pulumi Cloud Engineering Platform to manage and scale its cloud infrastructure. With Pulumi, Panther has been able to speed its deployments by up to 10X, reduce the size of its legacy infrastructure codebase by more than 5...
Low code platform Zenity lands $5M in funding
Wednesday, December 8, 2021 by Christian Hargrave
Zenity exited stealth mode with a $5 million seed funding round, led by Vertex Ventures and UpWest, and backed by top executives such as the former CISO of Google, Gerhard Eschelbeck, and former CIO of SuccessFactors, Tom Fisher. With Zenity, businesses can promote citizen development and adopt Low-Code/No-Code platforms while avoiding critical data exfiltration or disr...
Open source services from Rafay Systems
Tuesday, October 19, 2021 by Christian Hargrave
Rafay Systems announced its plans to open-source its Zero-Trust Access and GitOps services. Developers will be able to take advantage of and contribute to, these battle-tested services that significantly reduce the complexities associated with securing access to and automating the ongoing operations of Kubernetes infrastructure and modern applications. These two service...
SnykCon 2021 event lineup
Friday, September 24, 2021 by Randall Degges
We're only a few weeks away from SnykCon 2021, Snyk's free annual developer conference that helps you learn how to build applications securely running October 5-7. We have a packed agenda full of expert talks, hands-on workshops, helpful demos, product roadmaps, opportunities to interact with some of the smartest speakers and leaders of developer security i...
Vanta launches Automated ISO 27001 Certification and HIPAA Compliance
Tuesday, July 13, 2021 by Brittany Hainzinger
Vanta announced public availability for two new certification standards that help secure the internet and protect consumer data. Vanta provides automated compliance audits and continuous security monitoring through a robust SaaS platform, enabling companies to achieve industry standardization in weeks instead of months.
The rise of data leaks and privacy concerns hav...
Cyvatar raises 9 million for cybersecurity as a service model
Monday, June 21, 2021 by Brittany Hainzinger
Cyvatar announced that it has raised $9 million as part of its Series A financing to help scale and serve its rapidly growing customer base and continue to drive the adoption of its innovative cybersecurity-as-a-service (CSaaS) model.
Cyvatar raises 9 million for cybersecurity as a service model
Escalating cybersecurity breaches and the need to addr...
Not all security vulnerabilities are created equal
Tuesday, May 25, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...
Six areas of focus for continuous security
Friday, April 16, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...
NEM Group has launched Symbol
Tuesday, March 16, 2021 by Brittany Hainzinger
NEM Group announced the launch of Symbol, its next-generation Proof-of-Stake+ (PoS+) Public Blockchain. Boasting enterprise-grade programmability and security, Symbol from NEM brings cutting edge technical features which can be leveraged by innovative projects building fintech, healthcare and supply chain products at the heart of the new economy. With the launch co...
Improving security posture with static application security testing
Friday, February 12, 2021 by Tim Jarrett
Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...
Zero trust framework no longer optional 2021 predictions
Tuesday, January 12, 2021 by Brittany Hainzinger
There’s no doubt that COVID-19 and the shift to remote work have accelerated Zero Trust adoption in the enterprise. In 2021 and the following years, implementing a Zero Trust approach will become essential to protecting every enterprise, regardless of industry. This is due to the increasing volume of cyberthreats that organizations and individuals face on a regula...
Quantum computing in 2021
Monday, January 11, 2021 by Brittany Hainzinger
Quantum computing is likely to become practical soon, with the capability to break many encryption algorithms. Organizations should plan to upgrade to TLS 1.3 and quantum-safe cryptographic ciphers soon. Big Tech vendors Google and Microsoft will make updates to web browsers, but the server-side is for your organization to review and change. Kick off a Y2 K-li...
Zero trust security will prevail in 2021
Wednesday, January 6, 2021 by Brittany Hainzinger
Zero-trust security (when organizations stop trusting their people and services in an IT environment) will become the prevailing model for organizations in 2021. With more companies moving to distributed architectures, technology teams need a scalable way to make security foolproof while managing a growing number of microservices and greater complexity. Companies s...
5 mistakes businesses make in application development
Friday, October 23, 2020 by Mayur S Shah
5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development
Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...
HackNotice announces threat intelligence platform
Friday, September 18, 2020 by Brittany Hainzinger
HackNotice announced the launch of HackNotice Teams, a cybersecurity management platform powered by actionable threat intelligence and an industry solution to foster a company-wide culture of security. Built on HackNotice Premium’s technology, HackNotice Teams scours the dark web to alert employees of vulnerabilities, compromised information, and data breaches in ...
GDPR and data security
Friday, September 18, 2020 by Jonathan Weicher
How has the General Data Protection Regulation (GDPR) affected your firm during the past two years? It has been nearly that long since GDPR went into effect across Europe, applicable for any organizations handling the personal information of European citizens. Since that time, it appears to be performing well up to expectations. Firms of all kinds find themse...
Being careful about 3rd party APIs
Monday, August 24, 2020 by Ameya Talwalkar
Over the past couple of years, we’ve seen a marked shift in the nature of API traffic from being largely driven by human actions to be increasingly machine-driven. While it used to take a human to click something on a website to trigger an API call and response, there are now sites and apps where upwards of 98% of total traffic is the result of bots -- some legiti...
New version of Terrascan from Accurics
Thursday, August 20, 2020 by Brittany Hainzinger
Accurics unveiled a major upgrade to Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC). The new release ensures Terraform templates avoid common security pitfalls in popular cloud providers such as AWS, Azure, and Google Cloud Platform. Built-in extensibility will enable support for other popular technol...
3 Steps to manage work-from-home assets as we get back to the office
Friday, April 24, 2020 by Brittany Hainzinger
Just over the horizon for American businesses and government agencies is the return to the traditional office work environment. But what will companies and agencies do with the new laptops and other devices they put into employee homes in order to keep things going during state-imposed stay-at-home orders? The International Association of IT Asset Managers (IAITAM) ...
DevSecOps 7th annual Community Survey results
Wednesday, April 15, 2020 by Brittany Hainzinger
Sonatype published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps...
2020 Cloud Misconfigurations Report released by DivvyCloud
Wednesday, February 19, 2020 by Brittany Hainzinger
DivvyCloud released its 2020 Cloud Misconfigurations Report, which substantiates the growing trend of data breaches caused by cloud misconfigurations and quantifies their impact on companies and consumers around the world. DivvyCloud research found that nearly 33.4 billion records were exposed in breaches due to cloud misconfigurations in 2018 and 2019, amounting to nea...
Data Privacy Day 2020 is here
Tuesday, January 28, 2020 by Richard Harris
Data Privacy Day is here, and with the recent implementation of the California Consumer Privacy Act, the timing could not be better to discuss the importance of taking steps to protect sensitive data while also keeping personal data private and secure.
Similar to GDPR, CCPA will have a profound impact on data privacy and protection, making this year’s Data Priv...
Nuggets in the top identity leaders list 2019
Thursday, December 5, 2019 by Richard Harris
Nuggets announced its inclusion in the One World Identity’s (OWI) Top Identity Leaders List 2019. Securing their place alongside, Google, Microsoft, Visa and Apple, the British startup was credited for its pioneering solution in their annual Identity Landscape Report.
The Identity Landscape saw the biggest names in identity shortlisted across 35 categories, pla...
Ethics standards and security protocols app developers should follow
Monday, September 30, 2019 by Richard Harris
The DMV is selling driver data and Eve Maler weighs in
Tuesday, September 24, 2019 by Richard Harris
Motherboard broke the news on September 6 that Departments of Motor Vehicles (DMVs) around the nation have been making millions by selling drivers’ personally identifiable information to thousands of businesses. Amongst the DMVs customers are insurance agencies, tow companies, data brokers and even private investigators – all who are able to purchase records...
IBM's z15 launches with Data Privacy Passports
Friday, September 13, 2019 by Freeman Lightner
Against a backdrop of global privacy breaches, with the cost of each security breach in the U.S. clocking in on avg $8.2 million, IBM launched "z15", the enterprise platform that delivers the ability to fully manage the privacy of customer data across hybrid and multi-cloud environments.
As part of the launch, IBM is announcing Data Privacy Passports, ...
Zeroday vulnerability announced byMcAfee at Defcon
Monday, August 19, 2019 by Richard Harris
At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system.
The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...
MariaDB enterprise server helps you sleep at night
Thursday, June 20, 2019 by Richard Harris
MariaDB Corporation announced the release of MariaDB Enterprise Server 10.4, code-named “Restful Nights” for the peace of mind it brings enterprise customers. Databases are the backbone of critical business services used every day. A database failure can result in sleepless nights for everyone involved. The new MariaDB Enterprise Server includes added f...
Decentralized data delivery network arrives that uses edge computing
Wednesday, June 5, 2019 by Brittany Hainzinger
Bluzelle has launched a Data Delivery Network (DDN), taking on global market leaders to meet the increasing demand for data delivery by delivering data more than twenty times faster.
As a leading proponent of edge computing, Bluzelle is using its global network of distributed nodes to push data to the edge, where the customer is. The DDN operates in a similar w...