There’s been a concern that quantum computers could break the current encryption algorithms we use to protect data today. Recently, NIST announced the approval of three quantum-safe algorithms that could withstand quantum computers. IBM developed two of the approved algorithms, so on the most recent episode of our podcast, Get With IT, we interviewed Vadim … continue reading
The authentication provider Stytch is releasing new features in its Device Fingerprinting offering aimed at making it easier for companies to detect bots and fraud. Stytch Device Fingerprinting creates unique and persistent fingerprints for each visitor by analyzing subsignals of device hardware, network TLS profile, and active browser markers. It is also invisible to users, … continue reading
A majority of IT leaders are worried about the cybersecurity implications brought on by the introduction of AI into their organizations. According to Flexential’s 2024 State of AI Infrastructure Report, 95% of IT leaders said that AI has made their organization more vulnerable to cyberthreats. About half of the respondents believe this is because the … continue reading
Starting September 16th, Docker is deprecating the ability to use passwords to sign-in to services via its CLI when users have Single Sign-On (SSO) enforcement turned on. SSO enables users to authenticate once and get access to multiple different services. In this case, that includes Docker Desktop, Docker Hub, Docker Scout, and Docker Build Cloud. … continue reading
The security company Fortanix has announced File System Encryption, a new feature that is part of the Fortanix Data Security Manager. With File System Encryption, data can be encrypted at the file system level, which is useful in scenarios where different user groups need access to different parts of a database. Organizations can set up … continue reading
A majority of companies believe they have the necessary technologies and processes in place to deal with security events in a timely manner, but new survey data shows that in practice, this isn’t the case. Cohesity surveyed 3,1000 IT and security decision makers for its Global Cyber Resilience Report 2024, and 78% of the respondents … continue reading
In today’s digital landscape, an organization’s C-suite and senior executives hold the most valuable corporate data and sign-off authorities, representing the highest potential risk over email. Whether it’s inbound spear phishing attacks or outbound mistakes resulting in a damaging data breach, the C-suite is vulnerable. But what do cybercriminals want from these individuals? Are breaches … continue reading
Tech leaders are eager to reap the benefits of generative AI, but are they really production ready and able to be used in a secure way yet? According to Randall Degges, head of developer relations and community at Snyk, no. He joined us on the most recent episode of our weekly podcast, Get With IT, … continue reading
A recent survey from Next DLP revealed that over the last year, 73% of security professionals have used used “shadow Saas,” or SaaS applications not provided or approved by their IT teams. Further, even though they are using shadow SaaS, they admitted to being aware of the risks of doing so, with the most commonly … continue reading
Over the last several months, multiple security information and event management (SIEM) platforms have either merged or been acquired. LogRhythm merged with Exabeam, Palo Alto Networks acquired IBM’s QRadar portfolio, and Cisco acquired Splunk. To talk about why this is happening and what it all means, Chas Clawson, field CTO at Sumo Logic, joined the … continue reading
Datadog is hosting its annual event, DASH, this week. At the event, the company showed off several new features across its entire platform, from observability to security. Observability Datadog LLM Observability allows customers to monitor their LLM apps to identify drifts in prompt topics and responses, mitigate prompt injections, detect personally identifiable information (PII) leakage, … continue reading
SELKS is an open-source network security monitoring platform that offers network intrusion and detection capabilities. The name comes from the original components it was built around: Suratica, Elasticsearch, Logstash, Kibana, and Scirius. It has since expanded to include EveBox, Arkime, and CyberChef as well. It can be installed on any Linux or Windows operating system … continue reading