5 Objectives for Establishing an API-First Security Strategy

With APIs predicted to be the most common attack vector by 2022, an API-first security strategy is critical now more than ever. Application programming interfaces (APIs) are at the center of just about everything in the digital world. For consumers, APIs underpin everything from smartphone apps to electronic payments and more. For enterprises, APIs have … Continue reading 5 Objectives for Establishing an API-First Security Strategy

Zero Trust: The Mobile Dimension

After embarking on a second unforeseen year of mass remote work, everyone is now accessing corporate resources through the cloud. To help enable this, organizations are introducing new technologies into their standard workflows. The COVID-19 pandemic presented a new realm of unmarked territory as businesses quickly, and almost haphazardly, shifted all employees offsite. Corporate networks … Continue reading Zero Trust: The Mobile Dimension

Network Detection & Response: The Next Frontier in Fighting the Human Problem

Justin Jett, director of audit and compliance for Plixer, discusses the transformation of network-traffic analytics and what it means for cybersecurity now. Last year, Gartner published a market guide on network detection and response (NDR). Formerly known as network-traffic analytics, which I’ve spoken about in the past at length, NDR has adapted to not only … Continue reading Network Detection & Response: The Next Frontier in Fighting the Human Problem

Facebook attributes 533 million users data leak to “scraping” not hacking

Facebook has now released a public statement clarifying the cause of and addressing some of the concerns related to the recent data leak. As reported last week, information of about 533 million Facebook profiles surfaced on a hacker forum. From the Facebook data samples seen by BleepingComputer, almost every user record had a mobile phone … Continue reading Facebook attributes 533 million users data leak to “scraping” not hacking

Ongoing attacks are targeting unsecured mission-critical SAP apps

Threat actors are targeting mission-critical SAP applications unsecured against already patched vulnerabilities, exposing the networks of commercial and government organizations to attacks. Over 400,000 orgs worldwide and 92% of Forbes Global 2000 use SAP's enterprise apps for supply chain management (SCM), enterprise resource planning (ERP), product lifecycle management (PLM), and customer relationship management (CRM). SAP … Continue reading Ongoing attacks are targeting unsecured mission-critical SAP apps