Like many others, the manufacturing industry is moving to a subscription-based business model. This new way of doing business is being referred to as servitization and it is forcing manufacturers to no longer strictly sell new products, but instead sell access to and the outcome those products deliver. This is fundamentally changing the way manufacturers […]
Top 5 AWS Security Mistakes: Leaky S3 Buckets
As we get ready to discuss our list of the Top 5 AWS Security Mistakes in the upcoming staging-devopsy.kinsta.cloud webinar, we wanted to provide a preview of the type and depth of information we’ll be discussing. Since the most-talked about, and likely the most vulnerable, aspect of AWS security is inevitably those leaky S3 buckets, […]
American Express Uses DevOps for Better Breach Response
It was 6 a.m. Saturday when the phone rang and awoke the American Express CIO. When the phone rings at 6 a.m., it is never good news. Never. This instance was no different: In this case, a third-party supplier just suffered a breach, and that breach would impact American Express cardholders. Immediately following that call, […]
Moving Security Beyond SSH and PKI
SSH (secure shell) is still the most common method of remotely accessing a Linux server, which makes it a common target for attackers attempting to infiltrate corporate networks. While the protocol itself carries a number of advanced security properties, it does allow for human error, opening the door for unwarranted privileged access to sensitive company […]
Application Development: Ripe for Encryption
As businesses look to accelerate application innovation and move more and more workflows to the cloud, their needs can be at odds with the need to secure the data. This article will outline current challenges faced by application developers to protect data in this new cloud/DevOps environment. It will also provide insights on how to eliminate the burdens […]
When Did Safety Nets Become Optional?
There are various reasons why some organizations would not be interested in protecting their data. These reasons could range from the lack of financial resources to the lack of non-financial resources, such as engineers to implement a solution. Regardless of whether there is a good reason to not protect your data, the net result is […]
Threat Protection Appliances: As Valuable to Security as Your Toaster
Nothing in the IT security community is as widely deployed and universally reviled as anti-virus. But, threat detection appliances, including intrusion prevention appliances, application firewalls and advanced threat protection appliances, should be almost as reviled. These appliances are nearly as useless as they are toxic. They do a horrible job finding problems and ultimately create […]
Protect Your Data with IRMaaS
Anyone who works in information security knows that security is often a treated as a token afterthought. It is the necessary evil that is begrudgingly tacked on with duct tape and chewing gum after a hot new product or technology gains mainstream acceptance. Anyone in information security also knows that security can be done more […]
Continuous Security Key to Defending Your Data Well
Defending data isn’t easy. If it were, we wouldn’t see new data breach headlines on a weekly—or sometimes even daily—basis. That said, defending data also isn’t rocket science. A new report from Nuix highlights some of the major concerns with protecting data, and also illustrates some of the ways in which consistent vigilance is half […]
Build security into your app development
Integrate security testing into your dev process now or else face cyber-attacks later The way we develop software has been radically transformed in the last few years. Agility and speed are vital components for any company that wants to compete in the market. In order to achieve that it has proven necessary to break down […]