Security News

Threat Stack, the leader in cloud security and compliance for infrastructure and applications, announced a partnership with Tevora, a specialized management consultancy focused on cybersecurity, risk, and compliance services. The Threat Stack Cloud Security Platform extends security observability across the cloud management console, host, containers, and application layers to help customers understand the full picture of their cloud environment, quickly respond to incidents, and proactively reduce risk.

The publication also provides clarification about privacy risk management concepts and the relationship between the Privacy Framework and NIST's Cybersecurity Framework. The NIST Privacy Framework is not a law or regulation, but rather a voluntary tool that can help organizations manage privacy risk arising from their products and services, as well as demonstrate compliance with laws that may affect them, such as the California Consumer Privacy Act and the European Union's General Data Protection Regulation.

To ensure the highest levels of endpoint security across more than 8,000 devices and to help achieve HIPAA compliance in the face of rising data breaches across the healthcare industry, Apria Healthcare leverages Absolute, the leader in endpoint resilience, for comprehensive endpoint visibility and control. "Persistence [located] in the BIOS is the number one item that I think really sets Absolute apart from other companies touting that they can do asset tracking better," said Janet Hunt, Senior Director, IT User Support at Apria Healthcare.

Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment. Regula rules are written in Rego, the open source policy language employed by the Open Policy Agent project and can be integrated into CI/CD pipelines to prevent cloud infrastructure deployments that may violate security and compliance best practices.

PLDA, the industry leader in PCI Express IP and data interconnect solutions, announced that their XpressRICH-AXI PCIe Controller IP passed all Gold and Interoperability tests at the PCI-SIG Compliance Workshop. PLDA's XpressRICH-AXI Controller IP for the PCIe 4.0 specification was tested running on an FPGA based add-in card Gen4ENDPOINT. PCI-SIG is the community responsible for developing and maintaining the standardized approach to peripheral component I/O data transfers.

Saviynt, ranked in the top third of Inc. Magazine’s 5000 fastest growing US companies and a thought leader in converging Identity Governance and Cloud Privileged Access Management solutions, is...

FileCloud, a cloud-agnostic enterprise file sync and sharing platform, announced complete California Consumer Privacy Act (CCPA) compliance support. The private cloud enterprise file sharing...

Countermeasures to Keep your Compliance On Track and as Originally DesignedThird-party vendors accessing your most critical systems and networks can also bring in security incidents along with all...

More companies are using third-party vendors and crowdsourced testing to meet their security needs, according to a new survey from Synack.