On September 1, 2023, Microsoft’s Defender for Azure Blob Storage is set to introduce a groundbreaking feature: Malware Scanning. This highly-anticipated addition to the Defender suite brings real-time protection against malicious content, making it a vital component in fortifying your data security and safeguarding against the ever-evolving threat landscape.
Last month, the Cybersecurity and Infrastructure Security Agency (CISA) organized a one-day software bill of materials (SBoM)-centric conference, both amusingly and aptly entitled SBoM-a-Rama. It was a hybrid event allowing for both in-person and remote participation; I chose the latter. As a long-term security practitioner, I’ve been observing the development of this field with great enthusiasm, but always from the periphery.
Now that most people are familiar with and thus able to avoid standard phishing attacks, malicious actors have shifted to something more insidious. Email spoofing is an attack in which attackers impersonate someone the target knows, is a much more subtle way to compromise a user’s credentials or device. Like phishing, however, once you know the signs of a spoofed email and train other users on how to spot them, addressing the issue is often straightforward.
When you choose to work with another organization, for the sake of your reputation and security, you need to carefully vet each organization before finalizing the decision. Choosing a vendor with which to do business relies on that vendor ranking highly on a vendor risk assessment, which occurs when that vendor practices robust security, ensures compliance with local regulations, and implements effective policies and procedures to ensure smooth daily operations.
DevSecOps is a philosophy that integrates security practices within the DevOps process. DevSecOps involves creating a ‘security as code’ culture with ongoing, flexible collaboration between release engineers and security teams. The main aim of DevSecOps is to make everyone accountable for security in the process of delivering high-quality, secure applications. This culture promotes shorter, more controlled iterations, making it easier to spot code defects and tackle security issues.
Ah, the age-old question of how to manage screen time for kids – it’s like trying to navigate a minefield of Peppa Pig, Paw Patrol, and PJ Masks! I mean, who knew Octonauts and Bubble Guppies would become household names? As a dad of two young kids, managing screen time is a balancing act, especially keeping our 5-year-old happy with access to her shows.