Khoi P.

🎙️ New Podcast Alert! Our Field CPO, Ron De Jesus, joins David Ruiz on Lock and Code to explore the role of privacy professionals, the importance of "shifting privacy left," and how consumers can identify trustworthy companies. Thanks to David and Malwarebytes for this engaging episode. Tune in on Spotify and Apple Podcasts! #Privacy #CPO #DataProtection #ConsumerTrust #Podcast

17

Security teams face a constant struggle: ensuring their SIEM provides meaningful, actionable insights without drowning in noise. If this resonates, mark your calendar for Tuesday, December 10th, at 10 am PT, as we dive into a smarter way to optimize your SIEM with Breach and Attack Simulation. Join Ben F. and Carlos Koteich as they unpack the capabilities of AttackIQ Flex 3.0 and its seamless integration with Splunk. You’ll walk away with: 1️⃣ A clear understanding of your attack surface. 2️⃣ Ability to detect and prioritize vulnerabilities. 3️⃣ See detection gaps instantly with Splunk integration. 4️⃣ Improve detection using Yara and Sigma rules. 5️⃣ Validate alert pipeline efficiency from controls to SIEM. 👉 Discover how to bridge the gap between threat emulation and real-world detection. Register now to gain actionable insights: https://bit.ly/3ZnDHsY

23

Manual code remediation can take up to 30 hours per vulnerability. Save valuable dev hours with #Mobb. Try it for free today (skip the sales pitch) >> https://mobb.ai/

6

🚀 Modernize Your Security Data Pipeline with Security Risk Advisors! Security Risk Advisors can help you optimize your XDR and security data pipelines, leveraging tools like Cribl Stream to drive value for your operations. Here’s how we can empower your security team: 🔍 Actionable Insights for SOC Analysts We enrich your logs with Indicators of Compromise (IOCs), third-party threat intelligence, IP lookups, and more, making your data ready for rapid threat detection and response. 💡 Maximize SIEM and UBA Efficiency By filtering out unnecessary data, we reduce noise, cut costs, and enhance the performance of your SIEM and user behavior analytics tools. 📂 Cost-Effective Data Retention We help you implement full-fidelity data storage solutions, ensuring your machine data is preserved in affordable environments like AWS S3 and easily accessible during investigations. 🔧 Streamlined Data Architecture Simplify your telemetry architecture with a unified pipeline strategy, reducing complexity and the overhead of managing multiple agents. Let us help you unlock the potential of your security data. https://sra.io/cribl/ #CyberSecurity #DataPipeline #XDR #SIEMOptimization #SOCExcellence #ThreatIntelligence

2

What’s in the cards for SaaS security next year? Take a look at our predictions for 2025, courtesy of some of our favorite SaaS experts including Brian Soby, Aaron C., and Justin Blackburn. 🪄

50

1 Comment

You’re ready for an upgrade in identity management but worried switching to Auth0 by Okta might mean overhauling your entire setup. Why risk disruptions or inefficiencies, right? Many stick with their outdated system just to avoid this headache. With “lazy migration” and ThunderLabs’ strike team expertise, moving to Auth0 is a seamless, non-disruptive journey. Swipe through the carousel to find out more.

8

Here's the catch when it comes to securing sensitive data: You have to know where all of it is. That's why data *discovery* is so critical - you can only defend the data you know about.

23

2 Comments

Elevate your machine identity security strategy to meeting NIST standards with Venafi! Watch this to learn how to simplify compliance and boost your security posture. ⬇️ 📺 https://lnkd.in/gkGt9CWa

10

Skip the guesswork and noise. Get to the bottom of what #ASPM does for your security program and how to approach evaluating an ASPM platform: a definitive #buyersguide for #AppSec teams in need of a break. ⬇️ Download link below ⬇️

9

1 Comment

🚀 Sam Gabrail, #PlatformEngineer, breaks down the chaos of secrets management! 🔐 Learn how Akeyless Universal Secrets Connector unifies all your secrets managers into a single access point—no migrations required. ✅ Simplify, secure, and streamline your operations with ease. Don’t let secrets sprawl slow you down. 💡 Watch now and take control! 🎥 https://lnkd.in/e9arPcsV ✨ #SecretsManagement #CloudSecurity #DevOps #DevSecOps #PlatformEngineer #CloudSecurity #MachineIdentities #AWS #GCP #Azure

9

🚧 What's holding back your vulnerability management program? One reason could be: Limited CVSS-based prioritization and a lack of organizational or threat context needed to identify actual risks. Sound familiar? Discover this roadblock and others in our on-demand webinar with Scott Kuffer and Gene Bandy: https://lnkd.in/gvrW_3m7

2

Did you know the top data breach type is “data emailed to the wrong person”? IntraSystems handles this issue with Proofpoint because of its AI-powered adaptive email data loss prevention. You can learn about employees’ email behaviors to detect abnormal behavior and provide real-time warnings. Request a demo to get a glimpse of this advanced solution: https://hubs.la/Q02QXXl50 #Proofpoint #cybersecurity #AI

7

Hard to keep up with cybersecurity alphabet soup of acronyms? Check out this video to learn why XDR is more than just another security acronym.

2

⚠️⚠️Drowning in Alerts?⚠️⚠️ If sifting through a relentless tide of alerts is proving overwhelming for your cybersecurity team then it's time to take action. Our MDR and XDR solutions are designed to empower your security team, transforming alert fatigue into alert efficacy. By leveraging our comprehensive capabilities, your team can focus on what truly matters, ensuring that your digital realm remains secure and resilient. Interested? Read more here: https://loom.ly/HsqlsvY #CyberSecurity #AlertFatigue #XDR #risk #databreach

12

Are you familiar with security challenges surrounding open source software? 🤔 In a new interview with Michael Vizard at Techstrong TV, Tidelift CEO and co-founder Donald Fischer, and Sonatype CTO and co-founder Brian Fox explore the impact paying maintainers can have on making the software supply chain more secure. They share evidence from new Tidelift and Sonatype surveys that shows when maintainers are paid, they invest more in keeping their projects secure and reliable. Early this year, the Harvard Business School set out to approximate the value of open source and found that its value sits at about 8.8 trillion dollars (yes, trillion 😵‍💫). By comparison, the entire U.S. electrical grid is valued at 1.5- 2 trillion dollars, and the U.S. interstate highway system is valued at 750 billion dollars. It’s more than safe to say that open source is vital infrastructure in our modern society. But unlike the electrical grid and the interstate highway system, open source isn’t publicly funded. Yet, we expect open source maintainers to keep their open source projects secure, maintained, and up to industry and government standards. (At this year’s Upstream, Tidelift co-founder and General Counsel Luis Villa sat down with Frank Nagle, one of the authors of this Harvard Business School study, to discuss how the numbers came to be and what this finding means for open source maintainers and software supply chain security. You can find the link in the comments below.) In this year’s Tidelift state of the open source maintainer report, we found: - Bad news, 60% of open source maintainers report being unpaid for their work  - Good news, those who are paid spend more time on their projects and are almost twice as likely to be able to prioritize remediating security vulnerabilities A direct quote from Brian, “Why can’t we peel off a fraction of a percent of that [the 8.8 trillion value] to help support those very people? When that happens, these things will get solved. Until then, it’s an uphill battle.” And from Donald, “The number one pain point that maintainers are reporting when we ask them this question [What do you dislike about being an open source maintainer?], is that a lot of folks are making a ton of money using their open source projects and assuming that they’re going to do all of this work to bring it to the enterprise grade, and they’re not getting paid for any of it. And that’s a really straightforward issue for us to solve.” To hear more about open source supply chain challenges along with findings from the 2024 Tidelift state of the open source maintainer report and from Sonatype's State of the Software Supply Chain report, you can watch the whole interview here 👉 https://lnkd.in/gK8BCw5z

10

1 Comment

Every security framework emphasizes the criticality of an asset inventory, and this is especially true for successful vulnerability management. In this video, Brian Contos highlights 5 ways an asset inventory is foundational to the efficacy of any vulnerability management program.

14