Create a Security Risk Assessment for Containers in 5 Steps
When adopting containers, organizations need to create a risk profile for the types of threats and vulnerabilities they expect to experience. This type of analysis is especially important with containers, since the attack surface increases significantly, while the level of security visibility across hosts, containers, and the infrastructure control plane ... Read More
Best Practices for User Access Management
Many organizations have policies in place that restrict internal access to information, but are they truly optimized for security and efficiency? In an age of sophisticated, ever-evolving infrastructure and equally sophisticated attacks, it’s time to get serious about user access management. In order to do so, you’ll need to take ... Read More
How to Use Threat Stack to Enable Proactive Security
We recently discussed some pretty sobering statistics in the world of cybersecurity, ranging from astronomical misconfiguration rates to the depressing lack of speed with which breaches are detected. Not only are attacks more sophisticated than ever before, but infrastructure is too, with sensitive data spread across various servers, service providers, ... Read More
How to Develop An Incident Response Checklist for Your SaaS Business
Earlier this week, we published a post that explains how to develop an Incident Response Plan (IRP) to prepare for when an incident inevitably impacts your SaaS business. In addition to having an Incident Response Plan that identifies your critical systems, data, risk profile, stakeholders, and so on, it’s vital ... Read More
How to Develop an Incident Response Plan for Your SaaS Business
According to a 2018 IBM study on cybersecurity resilience, 77 percent of firms surveyed lack proper incident response plans, while 69 percent report insufficient funding for cyber resiliency. Where does your organization stand on this critical issue? It’s best to accept that it’s not a matter of if your SaaS ... Read More
How to Use Alerts to Become More Proactive About Security
We all understand the importance of being proactive about our health. Rather than waiting for symptoms of disease to land us in the ER, we eat healthy, exercise, and see our doctors annually (or at least we know we should!). So why do so many organizations fail to understand the ... Read More
Understanding Cryptojacking — Why It Matters to You and How to Defend Against It
Security researchers have recently uncovered several high profile cases of cryptojacking involving companies like Tesla and the LA Times. In these incidents, cryptocurrency “miners” illegally gained access to an organization’s public cloud services and exploited their computing power to generate more digital coins. In this blog post, we’ll give you ... Read More
Three Mistakes Teams Make in Operationalizing Security (and a Better Alternative)
With the challenges presented by today’s cloud security landscape, organizations with limited time and resources are taking a variety of approaches in their attempts to incorporate security into their operations practices. Some approaches work better than others, but none provide the silver-bullet solution that some organizations seek. Below, we’ll explore ... Read More
Best SecOps Tools: 50 Must-Have Tools For Your SecOps Arsenal
SecOps is a multi-faceted function tasked with a variety of responsibilities, not the least of which is coming up with secure software and applications while maintaining the development and release cadence users demand. It’s no longer enough to just concern yourself with writing code and developing software. Today, adding security ... Read More
