Featured content

A data leak can result in serious financial, reputational, and legal repercussions, whether caused by employee negligence, an insider threat, or a hack. When sensitive data is exposed, everything from social security numbers to health records can end up in the wrong hands.

Developed by renowned analyst John Kindervag, Zero Trust is a strategic cybersecurity model that protects critical systems and data. Systems operating under a Zero Trust framework do not initially trust access or transactions from anyone — including internal users behind the firewall — and limit data access to minimize the blast radius of a cyber attack.

The United States has a patchwork and ever-changing web of laws governing data privacy. While there’s no comprehensive federal privacy decree, several laws do focus on specific data types or situations regarding privacy.

One of the essential aspects of conducting any business is protecting customers' data. As a result, companies must comply with System and Organization Controls (SOC 2) to ensure their organization follows the best data security practices. But what is SOC 2 compliance? And how can you be sure you’re doing everything necessary to achieve SOC 2 compliance?

Benjamin Delpy originally created Mimikatz as a proof of concept to show Microsoft that its authentication protocols were vulnerable to an attack. Instead, he inadvertently created one of the most widely used and downloaded threat actor tools of the past 20 years.

Appearing as a relatively new ransomware threat, only active since roughly July 2022, the root of SolidBit can be traced to a family of ransomware builders that have been through a number of iterations and name changes since being first observed in June 2021.

If you find yourself troubleshooting network issues, and you have to inspect individual packets, you need to use Wireshark. Wireshark is the de facto, go-to, you-need-to-know-how-to-use, application to capture and investigate network traffic.

Let’s say your top sales manager leaves your company to join a competitor. You expect they’ll take their relationships with them, but will they take your sales data, too?

In Varonis’ latest update of DatAdvantage Cloud, we’re layering MITRE ATT&CK tactics and techniques over our cloud alerts to aid in faster incident response. Mapping alerts to MITRE ATT&CK helps security teams better understand the alert's context, impact, and phase. Additionally, it can help inform how best to guard against attacks in the future.

Amazon Web Services (AWS) Simple Storage Service (S3) enables users to organize and manage data in logical containers known as “buckets”. AWS continues to improve and simplify the bucket creation and configuration process, from simply clicking “Create bucket” in the user interface to enabling creation and configuration through code, via CloudFormation. This article will walk you through how to create S3 buckets via CloudFormation, allowing you to reap the benefits of Infrastructure as Code (IaC) practices.

SQL injection is among the top 10 open web application security project (OWASP) vulnerabilities. Applications tend to be at risk of high-profile vulnerabilities like SQL injection attacks. The results of a SQL injection attack vary, ranging from retrieving confidential data to altering an application’s logic.

No matter what industry you work in, chances are you handle sensitive information. Whether it involves customers, vendors, government agencies, or third parties, data such as social security numbers and medical records are generated, stored, and transmitted every second of every day. Keeping private information private can be a considerable challenge, which is why many organizations today perform a privacy impact assessment (PIA).