Security News
The enterprise-trusted, build-to-production container security solution now includes extensive compliance reporting and enforcement for PCI DSS, GDPR, and other industry and government standards, as well as new workflows specifically designed to make it easy for DevOps teams to track critical vulnerabilities and to ensure - and prove - compliance. With a single click, DevOps teams can enable NeuVector's pre-configured compliance templates to identify any potential industry compliance issues and generate audit reports for PCI DSS, GDPR, and other stringent - and often changing - data security regulations.
BDO USA announced the launch of a new integrated solution that helps organizations develop and maintain a comprehensive data governance, risk management and compliance program. BDO's Compliance Center allows companies to maximize the utility of their Microsoft suite by providing complementary services through each step of the compliance and information risk management process, from data discovery and initial gap assessments, to controls implementation, ongoing monitoring and enforcement.
When Adobe released security updates for Magento last week, it warned that the Magento 1.x branch is reaching end-of-life and support on June 30, 2020, and that those were the final security patches available for Magento Commerce 1.14 and Magento Open Source 1. "If you have a store that continues to run on Magento 1 after June 30, please be aware that from that date forward you have increased responsibility for maintaining your site's security and PCI DSS compliance," Adobe warned.
ZL Technologies announced enhancements to the ZL UA Compliance platform that significantly strengthen the email review process for compliance departments. The enhancements include a flexible review pipeline for compliance departments, ensuring flagged communications are defensibly managed.
Organizations are creating the perfect storm by not implementing security basics: European organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales.
Average cost of DNS attacks hovering around $924,000: 79% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP.
PoC RCE exploit for SMBGhost Windows flaw released: A security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.
Abacode announced a collaboration with Atlanta-based Apptega, a leader in cybersecurity management software. "Abacode continues to innovate and partner with great technology companies," said Greg Chevalier, SVP Partners and Sales Strategy for Abacode.
Not only am I responsible for all of the ongoing compliance and yearly assessments, but I also have to interpret the PCI DSS scriptures on how PCI affects products, initiatives, and platform decisions. I'm honestly surprised that so many vendors operating in areas that impact PCI compliance have virtually no clue about how their products affect or are affected by PCI. After all, there's no excuse to be clueless.
Crypto.com announced the appointment of Antonio Alvarez as Chief Compliance Officer. Antonio will be responsible for leading worldwide regulatory compliance across Crypto.com's entire product ecosystem.
Kudelski Security, the cybersecurity division within the Kudelski Group, announced the launch of its dedicated Microsoft Security services, enabling clients to effectively consume and configure Microsoft security capabilities and add additional monitoring to their Microsoft 365 and Azure environments. In addition to providing a dedicated Microsoft focus, Kudelski Security offers clients a combination of proprietary, native cloud security monitoring capabilities as well as teams of experienced engineers to help deploy, operate, and maintain comprehensive cybersecurity programs.
The longstanding challenges associated with compliance with the Sarbanes-Oxley Act, such as the cost of compliance and reliance on time-consuming manual tasks, are being exacerbated by the COVID-19 pandemic, as finance and audit teams are required to perform audit tasks remotely. "The tasks associated with SOX compliance continue to be significant and time-consuming," said Brian Christensen, executive vice president and global leader of Protiviti's internal audit and financial advisory practice.