Security News

Without early threat detection, you may not know your website has been hit by a DDoS attack until it slows down or stops, says NordVPN Teams. Trying to mitigate a DDoS attack after it's already begun can cost an organization a huge amount of time, money, and resources.

Datadog Incident Management brings data, documentation, and collaboration together in a single location which all engineers and security team members can jointly work from. "With these new Incident Management features now available alongside our powerful tools for alerting, monitoring, and collaboration, Datadog customers can manage and resolve incidents in a single, unified platform, saving time when it matters."

This is according to C-Level IT and security execs at global businesses, 64% of which believe their organization is more likely to experience a data breach due to COVID-19. "As companies rush to meet remote work requirements and customer demands for digital services, attack surfaces have dramatically expanded, leaving security teams stretched thin and not staffed to cope. It's been a moment of reckoning: use the creativity and power of hackers to harden software and prevent malicious activities."

There are unrealized gaps between the rate of implementation or operation and the effective use of cloud security access brokers within the enterprise, according to a global Cloud Security Alliance survey of more than 200 IT and security professionals from a variety of organization sizes and locations. "CASB solutions have been underutilized on all the pillars but in particular on the compliance, data security, and threat protection capabilities within the service," said Hillary Baron, lead author and research analyst, Cloud Security Alliance.

The funds will be used to expand its product and engineering teams in order to accelerate growth. "The traditional solutions to mitigating legal, compliance, or cultural risks with employee communications are retroactive and expensive - engaging outside counsel, hiring more lawyers, company-wide quarterly trainings - we'd like to flip that paradigm on its head and help our customers prevent risk before it is created," said Kevin Brinig, co-Founder and CEO of LitLingo.

Adding insult to injury, researchers have recently discovered a workaround for a previous patch issued for Microsoft Teams, that would allow a malicious actor to use the service's updater function to download any binary or malicious payload. Essentially, bad actors could hide in Microsoft Teams updater traffic, which has lately been voluminous. While Microsoft tried to cut off this vector as a conduit for remote code execution by restricting the ability to update Teams via a URL, it was not a complete fix, the researcher explained.

Rew Ginter, VP Industrial Security at Waterfall Security Solutions, talks about the differing priorities between IT and OT security teams as industrial control systems become connected. Information technology and operational technology may have many of the same objectives - but too often they don't see eye-to-eye when it comes to top priorities, said Andrew Ginter, VP Industrial Security at Waterfall Security Solutions.

93% of security professionals lack the tools to detect known security threats, and 92% state they are still in need of the appropriate preventative solutions to close current security gaps, according to LogRhythm. Based on a global survey of more than 300 security professionals and executives, LogRhythm sought to understand the root causes of the stress under which security teams operate, obtain feedback on the ways in which it could be alleviated, and identify the best paths to remediation.

Conducted during the coronavirus pandemic, 1E unveils the findings of an analysis of the remote employee experience and the digital workplace in 2020. Vanson Bourne and 1E surveyed employees across eight industries in the United States and found that enterprise IT teams are failing to deliver a positive remote employee experience.

Snyk has announced the significant enhancements to its prioritization capabilities, helping security and development teams automatically identify and fix the most critical vulnerabilities. By giving developers the immediate priority scoring, deep application context, customizable security policies, and Snyk's automated fix PRs, security teams can ensure their developers are fixing the most important open source and container vulnerabilities, as quickly as possible.