Recently, I started to read the invaluable book Software Engineering at Google. It’s a great book by Google, describing their engineering practices across many different domains. One of the first chapters discusses the matter of making a “scalable impact,” which I find very interesting, and something that I believe has been overlooked by many organizations.
It’s no secret that cyber attacks are on the rise. Not only are they becoming more frequent, but the malicious actors who mount these attacks are constantly improving their skills and evolving the tools in their arsenals. Protecting your organization is challenging at best; especially since we measure the return on investment for cybersecurity as ‘preventing losses’ instead of ‘increasing revenue.’
The #LifeatTorq Team Spotlight is a Q&A series dedicated to the talented and generally kick-ass team that form the foundation of our growing company. Today we are spotlighting Leen Neuman, a Front End Engineer at Torq, based in our Tel Aviv office.
The #LifeatTorq Team Spotlight is a Q&A series dedicated to the talented and generally kick-ass team that form the foundation of our growing company. Today we are spotlighting Ori Seri, an R&D team leader at Torq, based in our Tel Aviv office. Tell us a bit about your career path before Torq. Ori: I was an officer in an Israeli Defense Forces (IDF) Intelligence unit early on. Then I worked at a startup called Nuweba, where I began as an engineer, and later led an R&D team there.
SecOps and security teams spend an excessive amount of time sifting through low-value, poorly-contextualized alarm data rather than actively hunting for valid threats. This is because bad actors are constantly looking to steal whatever they can hold onto with the least exposure. Recent ransomware attacks in critical business sectors only serve as reminders that organizations cannot lie dormant. This blog post will unpack strategies to help overcome these challenges and explain why integrating threat intelligence with security orchestration and automation is critical for an effective security operations strategy.
The identification of every user making a request to a given system is vital to ensuring that action is only taken by, and information only returned to, those who need it. This happens in two steps: first, the requester is identified (authenticated), and then that identity is used to determine which parts of the application they are allowed to access.
When you think about how to automate processes within the IT industry, your mind probably goes first to tools. After all, the past decade has witnessed an explosion of tools from across the industry that promise to make it easy to automate virtually every aspect of IT operations — from low-code development solutions that automate coding, to release automation tools for applications, to automated monitoring and security platforms.
The #LifeatTorq Team Spotlight is a Q&A series dedicated to the talented and generally kick-ass team that form the foundation of our growing company. Today we are spotlighting Kostya Ostrovsky , a Software Architect at Torq based in our Tel Aviv office. Kostya is one of the first employees at Torq.
If you’re a developer who lives and breathes code all day, you probably don’t mind having to write complex configuration files to set up an automation tool or configure a management policy. But the fact is that many of the stakeholders who stand to benefit from security automation are not developers.
In an age when attackers create over a million phishing sites each month, and phishing serves as a beachhead for 95 percent of all attacks against enterprise networks, how can businesses respond? Part of the answer lies in educating users to recognize and report phishing, of course. But user education only goes so far – particularly because the same statistics cited above show that, on average, only 3 percent of users will report phishing emails.
