Creating the Next Generation of Secure Developers
Security

As companies migrate to more resilient cloud infrastructures, threat actors continue to turn their attention to the application landscape as an entry point for compromising systems. With no less than 76% of applications plagued by at least one security flaw, securing software must be a priority. Unfortunately, a startling lack of training and education opportunities has left many developers ill-prepared to write secure code and build systems that are secure by design — right at the time when we need them most. Despite finding ourselves at this crunch point, the cybersecurity skills gap remains huge. This is compounded by a consistent lack of workplace training to teach employees secure coding principles and how they affect the software development life cycle. Meanwhile, threat a...
Log4j Highlights Need for Better Handle on Software Dependencies
Security

It's a new year and the cybersecurity community now faces the long-term consequences of yet another software supply chain security nightmare. After a year full of application security zero-day fallout, the Log4j vulnerability debacle (also referred to as Log4Shell) was like a thematic bookend for 2021 that closed out the year much in the way SolarWinds started it. The real-world consequences of these incidents schooled enterprise IT teams in too many ways to count. But perhaps the most important lesson to bubble up is how much work many organizations need to do to truly understand and manage what code is running under the hood across their software portfolios. Like the SolarWinds incident before it, the Log4j fiasco highlighted how many hidden software dependencies exist in enterpr...
The Relationship Between Reputation and Brand
Reputation

The quote is from one of the most famous advertisements in which McGraw-Hill brings forward the thought that a company’s reputation is a requirement for the successful selling of a product or service. Sales must start before the salesperson calls on the would-be customer. That is possible only when the brand has an admirable and first-rate reputation in the market. A brand having a good reputation contributes to the enhancement of its products and services’ value. Likewise, a bad reputation devalues products and services and brings in further decline. Furthermore, if a brand is consistently projecting a lucid image of itself, it is more likely to build a more substantial reputation and be remembered in the future. Brand reputation is the determining factor that decides whether cons...
Do You Need to Invest in All Meme Tokens to Become Rich? (1) CoinGecko’s API Free Data Problem
Risk

CoinGecko.com is a gateway to explore cryptocurrency data. It’s catchy and worth making your next good friend if you are interested in crypto. For quants and field researchers, their API could be a plug into a stream of real-time crypto-market data accessed via a number of clients (e.g. C++, NodeJs, R, Python, Java, Ruby, etc.). CoinGecko’s free API has a rate limit of 50 calls/minute. If you need to fetch data more frequently, you have three paid plans to choose from. Let’s focus for a moment on what you can get for free if you’re a Python user. Say our project is expressed by the title of this article and you are a newbie to the crypto-world seeking a quick way to download some data and perform calculations. What do you need? For sure it would be a list of all Meme Tokens. It w...
Grow Employee Engagement with a Strong Investigation Process
Risk

In a tight labor market, employers are seeking to gain or retain a workforce with more pay, work from home and other perks. They can also improve retention through a culture of trust and consideration. Improve how you listen and investigate when someone on your team speaks up about compliance. If you investigate with urgency and respond, then you’ll gain trust and build employee engagement. Here is an anecdotal case, from the perspective of the business: An anonymous report comes in from a small foreign office that says “It seems like there is something going on between the marketing lead and a partner. I suspect they are wasting marketing funds.” The seriousness of the issue is not entirely clear—maybe the person reporting the issue is questioning the quality of the marketing camp...
Review of 2021: Default, revolt, reform
Risk

A secretive family office triggers one of the biggest trading losses in history. An army of retail investors single-mindedly hunts down short sellers in the stock market. The world’s most important financial benchmark marches inexorably towards death. While the last of these seismic events was stage-managed – to the extent possible – the others were not. The rise of Reddit’s retail army was anticipated by some, as home-workers ploughed their savings into a Bolshie new form of stock trading, but the explosion it set off in January came as a shock to most. And the failure of Archegos Capital Management was a five-alarm fire. Against the backdrop of a mutating virus and rising global temperatures, this was a precarious, disorderly year. It was also a story of adaptation and survival. Des...
Security

Security Solutions

Nessus Website: https://www.tenable.com/products/nessus
F-Secure Endpoint Security Website: https://www.f-secure.com/en
Tenable.sc Website: https://www.tenable.com/products/tenable-sc
AlienVault USM from AT&T Cybersecurity Website: https://cybersecurity.att.com/products
SecurityScorecard Website: https://securityscorecard.com/
Tenable.io Website: https://www.tenable.com/products/tenable-io
Qualys Cloud Platform Website: https://www.qualys.com/cloud-platform/
DigitalDefense Frontline Vulnerability Manager Website: https://www.digitaldefense.com/platform/frontline-vm/
Azure Security Center Website: https://azure.microsoft.com/en-us/services/sec...
Risk

Risk Solutions

Dataminr Website: https://www.dataminr.com/
LogicGate Risk Cloud Website: https://www.logicgate.com/
Camms.Risk Website: https://cammsgroup.com/en_us/products/risk/
OneTrust Website: https://www.onetrust.com/
SAI360 Website: https://www.sai360.com/
Fusion Framework System Website: https://www.fusionrm.com/platform/fusion-framework-system/
Archer Website: https://www.archerirm.com/
AuditRunner Website: https://www.auditrunner.com/
Ventiv IRM Website: https://www.ventivtech.com/products/integrated-risk-management-platform
LogicManager Website: https://www.logicmanager.com/
Ncontracts Website: https://www.ncontracts...
Reputation

Reputation Solutions

Meltwater Website: https://www.meltwater.com/en
Semrush Website: https://www.semrush.com/?l=en&1637867470
Cision Communications Cloud Website: https://www.cision.com/communications-cloud/
TVEyes Website: https://tveyes.com/
Muck Rack Website: https://muckrack.com/
AlphaSense Website: https://www.alpha-sense.com/
Critical Mention Website: https://www.criticalmention.com/
Newswire Website: https://www.newswire.com/
Dataminr Website: https://www.dataminr.com/
Ahrefs Website: https://ahrefs.com/
Mention Website: https://mention.com/en/
Agility PR Solutions Website: https://www.agilitypr.com/
...
Availability

Availability Solutions

Dynatrace Website: https://www.dynatrace.com/
Freshping Website: https://www.freshworks.com/website-monitoring/
DataDog Website: https://www.datadoghq.com/
LogicMonitor Website: https://www.logicmonitor.com/
Uptime.com Website: https://uptime.com/go/home?hsLang=en
Better Uptime Website: https://betteruptime.com/
UptimeRobot Website: https://uptimerobot.com/
GTmetrix Website: https://gtmetrix.com/
Site24x7 Website: https://www.site24x7.com/
checkmk Website: https://checkmk.com/
Hexometer Website: https://hexometer.com/
SolarWinds Pingdom Website: https://www.pingdom.com/
Uptrends Websi...