Information security compliance teams play an increasingly important role in the growth of their companies. Depending on its…
A survey shows business leaders paying more attention to information security. That means enterprise security teams have a lot of work ahead.
iCIMS, the Talent Cloud company, announced it received two premier certifications validating its dedication to data security and privacy.
DataOps builds out the new generation of data infrastructure and human behavioral norms for managing data as a strategic resource on par with weapon systems.
DevOps is critically important if the Pentagon is to accelerate time to delivery and deploy resilient, state-of-the art capabilities in line with evolving mission needs.
Containers can help expedite and improve the reliability of application and data transfers from the “low side” to the “high side,” allowing developers to safely move applications and data across domains while maintaining a secure pipeline.
When it comes to running an information security program, barriers to success are predictable. Many are obvious, such as a lack of budget and minimal buy-in, but others are not so clear and it’s often the small things that add up to create real security hurdles.
Software modernization has a branding problem, and it's going to take more than the colloquial culture shift to speed up the Defense Department's adoption of modern tech capabilities, according to Deputy CIO Peter Ranks.
CloudMargin, creator of a collateral and margin management solution native to the cloud, has appointed Mario Platt as Vice President, Head of Information Security.
As CSO of Auth0, Joan Pepin is responsible for the holistic security and compliance of the company's platform, products, and corporate environment. Here, we talk to Pepin, who has focused her time on mentoring and advocating for women in cybersecurity and technology, working to reconstruct the notion that women should only work within their bounds, and encouraging women to reach higher and challenge the status quo. She actively supports, advises, and works alongside women in the cybersecurity industry including participating in organizations, like Women Who Code and Women in InfoSec.
nVisium released the findings of their recent research which explores the current state of cybersecurity awareness and security training initiatives within today’s remote workforce. The research reveals that only 35% of respondents classify security awareness training as a ‘top priority’ while working remotely, and nearly half say that their DevOps teams are not experts in understanding how to protect at home wireless networks.
With a Private CA (or “Private PKI”) solution, you can brand the certificates for your servers, devices, and users. Since the purpose of this CA is to serve your organization only, it will provide a tighter control when its Public Key Infrastructure (PKI) is used for internal user authentication. For this reason, Private PKI is immensely popular for deployment in enterprise IT, as well as cloud-native DevOps and Internet of Things (IoT) environments.
Lowe’s Companies, Inc. (NYSE: LOW) is a FORTUNE® 50 home improvement company serving approximately 18 million customers a week in the United States and Canada. With fiscal year 2019 sales of $72.1 billion, Lowe’s and its related businesses operate or service more than 2,200 home improvement and hardware stores and employ approximately 300,000 associates. Based…
RSA Conference, the world’s leading information security conferences and expositions, announced the conclusion of its 8th regional event which was rei…
New report from the Information Security Forum (ISF) demonstrates that open source security continues to be a substantial risk even as organizations of all sizes are increasingly leaning on open source software for convenience and financial savings.
While many people talk about the DevOps pipeline and its impact on development and operations, there’s also an impact on other functions. For example, human resources doing the right hiring, sales doing the right pitch, or marketing obtaining feedback whether customers like the outcomes or not. According to IDC, DevSecOps will drive at least 50% of new applications in Asia-Pacific by 2024.
The Information Security Forum has announced the release of Deploying Open Source Software: Challenges and Rewards, helping security professionals recognize the benefits and perceived challenges of using OSS and set up a program of protective measures to effectively manage OSS.
The new NIST standards for IAST and RASP are a testament that outside-in AppSec approaches are antiquated, inefficient, and ineffective. Security instrumentation is more than a paradigm shift of the future—it is an opportunity for today.
Key DevSecOps solutions available and their benefits and pitfalls through a series of evaluating different tools for Technical Architects and Engineering Teams.
ThoughtWorks' Jim Gumbley recently published a guide to Threat Modelling on Martinfowler.com with a template for facilitating remote and onsite sessions. He makes a case for continuous threat modelling within each iteration, alongside business stake-holders. Derek Handova has also written about removing friction from security through automation and a greater security focus in the SDLC.