Barak Tawily, Chief Technology Officer and Co-Founder of Enso Security, argues that most AppSec teams today spend most of their time creating relationships with developers and performing operational and product-related tasks — and not on application security. Here, we talk to Tawily about AppSec and why enterprise security should be concerned with AppSec.
App security is too important to be an afterthought. With the threats facing modern web applications, organizations need to find a new way to ensure protection without impeding innovation. To move forward, security and DevOps will need to work together to solve the challenges they face—in terms of both security and organizational politics.
Is your organization struggling with false alarms? If so, consider artificial intelligence-based video analytics using machine learning technology to spot and virtually eliminate false alarms. But before selecting an advanced analytic software offering, ask yourself these seven questions.
As a former Marine with expertise in counterintelligence, Human Intelligence (HUMINT) and Technical Surveillance Counter-Measures (TSCM), Jason Passwaters leveraged his international war fighting experience and built uniquely qualified teams at iSIGHT Partners, and then in co-founding Intel 471. His military service taught him to emphasize three areas that can make threat intelligence more targeted and actionable for organizations.
As the light at the end of the tunnel becomes brighter, rethinking the hiring and onboarding process for security talent can be the difference between recovering out-of-work employees, getting them up to speed, and enduring unnecessary difficulties.
What the COVID-19 crisis is ultimately doing to the cybersecurity industry is shining a spotlight on the cybersecurity talent shortage. What is one of the only benefits of the critical issue, it's that it has allowed many in Northern Virginia to elevate and extend a slew of innovative measures that companies and region are implementing to combat the problem. As they set out to solve the industry talent shortage, Northern Virginia found the following strategies to be impactful steps in tandem toward a solution.
While authentication and authorization might sound similar, they are two distinct security processes in the identity and access management (IAM) space. Authentication is the security practice of confirming that someone is who they claim to be, while authorization is the process of establishing the rights and privileges of a user. Here, we talk to Tehila Shneider about authorization, authentication, and why authorizations remains a problem that is mostly unsolved.
The focus of cybersecurity protection shouldn’t always be about trying to anticipate the latest means or technology that could impact a business, but instead, focusing on the same tactics and how these can specifically adapt.
The threat landscape that organizations are facing is changing rapidly. Increasingly, senior leadership of multinational companies will have to think about the impact of an array of physical, cyber and digital risks to their organizations. To mitigate risk within the enterprise, there should be a renewed emphasis on how to restructure corporate security teams and how to reframe them within corporate structure. Here are some practical considerations.
When an employee or security can rapidly and effectively incapacitate and control a potentially violent subject without physical contact and without any effect on bystanders or lasting harm to the subject, virtually all potential catalysts of injury from violence are effectively eliminated.