Software life cycle management has always been part of the development team, but organizations are now looking to extend the process beyond the development team to manage the entire supply chain, says Nahas Mohammed, regional sales director at GitHub India.
DevSecOps is about security enablement at every stage within the organization - the people, process and technology. To begin the DevSecOps journey, organizations should enable and empower technology teams to think about secure design first, says GitHub's Hatim Matiwala.
ReliaQuest customers have tailored Digital Shadows' threat intelligence to their organizations to ensure conversations about their brands or products are being captured, says CEO Brian Murphy. The security operations firm says the Digital Shadows deal has fortified its detection and response muscle.
Data breaches are tricky to cover, and we want to report on them in an ethical way. That requires picking what should be reported for informed public discourse but avoiding topics that may encourage attackers' efforts to shame victims into paying a ransom and anything resembling data dump voyeurism.
Why is credential stuffing hard to solve? Are weak passwords the only reason behind credential stuffing attacks? Experts Sanjay Singh, head of DevSecOps at Games24x7, and Navaneethan M., CISO at Groww, explain how geo-based authentication, user behavior analytics and monitoring can detect breaches.
IT and security organizations can simplify the zero trust journey in the cloud by allowing internet traffic to go directly to the required destination instead of routing through the data center, says Sudip Banerjee, field CTO for Zscaler for the Asia-Pacific and Japan region.
As the banking sector undergoes digital transformation, the future of banking requires both securing transactions and building cyber resiliency through consistent cyber drills and creating a private network for secure financial transaction, says professor D. Janakiram, director of IDRBT.
Some organizations struggle with deciding whether to add an XDR framework to the existing threat detection and response layer, but a good analysis engine can simplify the process of processing data from multiple sources, according to SentinelOne's Vats Srivatsan and Diwakar Dayal.
After the collapse of the FTX cryptocurrency exchange, I received a small postcard from Japan. The sender was Mt. Gox. Here's how I bought a bitcoin for $12 and had a painful front-row seat for the first big cryptocurrency exchange collapse, plus some thoughts about cryptocurrency.
Palo Alto Networks will make its first major acquisition in nearly two years, scooping up application security startup Cider Security for $250 million. The Silicon Valley-based platform security behemoth will fork over $194.6 million of cash as well as $55.4 million of replacement equity for Cider.
CISOs today are dealing with many kinds of attacks, and the volume of activity is overwhelming employees in the security operations center, potentially leaving the enterprise open to breaches, says Manish Sinha, director of sales engineering at Trellix.
ExtraHop has snagged high-profile Check Point, Cylance and Optiv executive Chris Scanlan to help the network security provider reach $500 million in annual recurring revenue. The Seattle-based network detection and response vendor has tasked Scanlan with strengthening ExtraHop's go-to-market motion.
The traditional application development model that puts security checks at the end of the process creates needless friction that slows down organizations, says Snyk solutions engineer Matt Mintzer. Application security specialists need to build tracks rather than guardrails for development, he says.
In India, ransomware attacks, phishing, botnets and nation-state attacks - including attacks on supply chains and critical infrastructure - are all on the rise. Plus, there's a huge cybersecurity skills gap. Terence Gomes of Microsoft in India discusses how the company addresses these issues.
Cyberattackers love to strike on weekends and holidays - that's not news. What is news: These attacks cost more than weekday incidents, and they take a heavy toll on defenders. Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.