Topic: security

Podcast: Diving into NIST’s quantum-safe algorithms

There’s been a concern that quantum computers could break the current encryption algorithms we use to protect data today. Recently, NIST announced the approval of three quantum-safe algorithms that could withstand quantum computers. IBM developed two of the approved algorithms, so on the most recent episode of our podcast, Get With IT, we interviewed Vadim … continue reading

Stytch updates Device Fingerprinting to improve bot detection

The authentication provider Stytch is releasing new features in its Device Fingerprinting offering aimed at making it easier for companies to detect bots and fraud. Stytch Device Fingerprinting creates unique and persistent fingerprints for each visitor by analyzing subsignals of device hardware, network TLS profile, and active browser markers. It is also invisible to users, … continue reading

Report: AI may have benefits across enterprise, but it’s causing trouble for IT

A majority of IT leaders are worried about the cybersecurity implications brought on by the introduction of AI into their organizations. According to Flexential’s 2024 State of AI Infrastructure Report, 95% of IT leaders said that AI has made their organization more vulnerable to cyberthreats. About half of the respondents believe this is because the … continue reading

Docker will soon deprecate password logins via CLI when SSO enforcement is on

Starting September 16th, Docker is deprecating the ability to use passwords to sign-in to services via its CLI when users have Single Sign-On (SSO) enforcement turned on. SSO enables users to authenticate once and get access to multiple different services. In this case, that includes Docker Desktop, Docker Hub, Docker Scout, and Docker Build Cloud. … continue reading

Fortanix adds File System Encryption in latest release

The security company Fortanix has announced File System Encryption, a new feature that is part of the Fortanix Data Security Manager. With File System Encryption, data can be encrypted at the file system level, which is useful in scenarios where different user groups need access to different parts of a database.  Organizations can set up … continue reading

Report: Companies are overconfident in their cyber resilience abilities

A majority of companies believe they have the necessary technologies and processes in place to deal with security events in a timely manner, but new survey data shows that in practice, this isn’t the case.  Cohesity surveyed 3,1000 IT and security decision makers for its Global Cyber Resilience Report 2024, and 78% of the respondents … continue reading

The C-suite conundrum: Are senior executives the Achilles’ heel of cybersecurity?

In today’s digital landscape, an organization’s C-suite and senior executives hold the most valuable corporate data and sign-off authorities, representing the highest potential risk over email. Whether it’s inbound spear phishing attacks or outbound mistakes resulting in a damaging data breach, the C-suite is vulnerable.  But what do cybercriminals want from these individuals? Are breaches … continue reading

Q&A: The disconnect between the C-Suite and IT practitioners on AI readiness

Tech leaders are eager to reap the benefits of generative AI, but are they really production ready and able to be used in a secure way yet? According to Randall Degges, head of developer relations and community at Snyk, no.  He joined us on the most recent episode of our weekly podcast, Get With IT, … continue reading

Report: Majority of security pros admit to using “shadow SaaS” apps

A recent survey from Next DLP revealed that over the last year, 73% of security professionals have used used “shadow Saas,” or SaaS applications not provided or approved by their IT teams. Further, even though they are using shadow SaaS, they admitted to being aware of the risks of doing so, with the most commonly … continue reading

Q&A: What the consolidation of the SIEM market means for IT

Over the last several months, multiple security information and event management (SIEM) platforms have either merged or been acquired. LogRhythm merged with Exabeam, Palo Alto Networks acquired IBM’s QRadar portfolio, and Cisco acquired Splunk.  To talk about why this is happening and what it all means, Chas Clawson, field CTO at Sumo Logic, joined the … continue reading

Datadog releases a number of observability, security updates at DASH

Datadog is hosting its annual event, DASH, this week. At the event, the company showed off several new features across its entire platform, from observability to security.  Observability Datadog LLM Observability allows customers to monitor their LLM apps to identify drifts in prompt topics and responses, mitigate prompt injections, detect personally identifiable information (PII) leakage, … continue reading

SELKS – ITOps Times Open Source Project of the Week

SELKS is an open-source network security monitoring platform that offers network intrusion and detection capabilities.  The name comes from the original components it was built around: Suratica, Elasticsearch, Logstash, Kibana, and Scirius. It has since expanded to include EveBox, Arkime, and CyberChef as well.  It can be installed on any Linux or Windows operating system … continue reading

DMCA.com Protection Status

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!