The moral of the story? Change control, peer review, and pair programming: not just good ideas, no matter how experienced you are.
Counter phishing threats with red-team exercises, 2FA/MFA, or even passwordless auth, where appropriate.
If you’re writing C++ code, use best practices to manage memory. If you’re using or considering Rust, don’t treat it as a magic panacea.
If more security people embrace these ideas, people will view security teams differently and positive change will become the norm.
Machine learning, AI, big data and analytics combine to deliver behavioral analytics, which can identify malicious activity and stop cyberattacks.
The moral of the story? Choose up-to-date hardware, and configure it correctly. And consider disabling suspend.
This potentially precedent-setting legal battle should be on your watch list.
Test, test, test: Red team, automate regression tests, use strict change controls. And if you must do mass surveillance, make sure it’s protected
How closely do you audit your partners’ API use? Are you checking passwords against lists of compromised credentials?
With the pandemic forcing staff to work from home seemingly overnight, security teams need to catch up in a hurry. Here are best practices.