Security News
AttackIQ, the leading independent vendor of breach and attack simulation solutions, announced the appointments of Julie O'Brien as chief marketing officer and Jonathan Reiber as senior director of cybersecurity strategy and policy. "The company has a unique opportunity to be the Switzerland of the security stack-providing an independent assessment of how solutions perform against real-world attack scenarios so enterprises can close security gaps and solution providers can improve their product offerings. AttackIQ is on a mission to enhance cybersecurity for all, and it's a mission I am very proud to support."
Earlier this month, articles on Mashable, EFF, Forbes, and Consumer Reports, among others, heavily criticized Zoom for not ensuring that users' privacy is well protected, which encouraged web veteran Doc Searls to have a look into the matter as well. EFF too pointed out that Zoom hosts could monitor attendees' activity while screen-sharing, could see whether a participant has the Zoom window in focus or not, and that administrators can view "How, when, and where users are using Zoom," and can access the contents of recorded calls, including "Video, audio, transcript, and chat files."
CI Security, a Managed Detection and Response services provider specializing in defending the networks of organizations and critical infrastructure, announced the addition of a Work From Home Security Policy Assessment to the company's managed services offering. The Work From Home Security Policy Assessment provides a comprehensive view of the risks faced by an organization and its remote workforce, the capabilities of the organization to implement appropriate and effective security controls, including how to monitor an expanded, and in many cases unmanaged, set of endpoints.
If you're looking to take your Kubernetes security to the next level, you'll want to start working with pod security policies. Here's a quick introduction to this feature.
If you're looking to take your Kubernetes security to the next level, you'll want to start working with pod security policies. The Kubernetes pod security policy is a resource that controls the security of a pod specification.
Bug disclosure service HackerOne was in the rare position of publicizing one of its own security holes this week after a researcher discovered a flaw that was exposing some user email addresses. Tenable says Microsoft won't fix Group Policy bug.
Policy makers can't create policy around a piece of technology without understanding how it is used - how all of it's used. Technology and policy both use concepts of trust, but differently.
Endpoint security firm CrowdStrike announced on Wednesday that Michael Sentonas has been appointed chief technology officer after Dmitri Alperovitch decided to leave the company to launch a non-profit policy accelerator. Alperovitch, one of the founders of CrowdStrike, has been acting as CTO since the company's launch in 2011.
In the second global insider data breach survey, IT leaders found that 78% think employees have put data at risk accidentally in the past 12 months and 75% believe employees put data at risk intentionally. At the same time, 58% of managers said employee reporting is more likely than any breach detection system to alert them to an insider data breach.
Tufin, a company pioneering a policy-centric approach to security and IT operations, announced the availability of Tufin SecureCloud, a security policy automation service for enterprises needing to gain visibility and control of the security posture of their cloud-native and hybrid cloud environments. SecureCloud, built from the ground up and optimized for the cloud, is a major new addition to the Tufin Orchestration Suite - establishing Tufin as the first and only vendor to unify security policy management across on-premises, cloud-native, and hybrid clouds.