Your security environment is complicated. You’re invested in multiple security tools – antivirus, firewalls, IDS, IPS, SIEM, DLP, and more. If you haven’t invested in a red team, however, you’re doing security wrong. How could you know that your expensive defenses are working unless you’ve tested them out?
Cryptocurrency startups are still all the rage these days, but many of these companies have had a "break rules first, settle lawsuits later" approach to operating.
Did you ever have a Google Plus account? Neither did we, but a few people did, and most of their information just got leaked in a bug that affected 500,000 people. As a result, the search giant has shut their social media experiment down. Gone doesn’t mean forgotten however, and it turns out that even though Google Plus has been deleted, Google itself has been facing scrutiny about what led to the bug that finally killed it.
As of this writing, we’re just a month into 2018, and it’s already looking like an interesting year in the realm of information security. Here, interesting means fraught. The first few days of the year ushered in devastating news in the form of the Specter and Meltdown vulnerabilities.
File upload is one of those can’t-live-with-it, can’t-live-without-it items that makes information security so fraught with difficulty. On the one hand, it automates parts of doing business – especially B2C business – that would typically require a person to make a phone call, send an email, or even dust off their fax machine.
Your company probably has data that exists within internal systems (CRM, ERP, etc) as well as external systems that are outside of your control (i.e. weather, social media, etc.). If this disparate data leads you to question the quality of your data, you’re not alone.