Captain's Log, Stardate 2021.08.20

circle
circle

Captain's Log, Stardate is an ongoing series, published every Friday, highlighting interesting cyber news from the past week. To continue the discussion on any of these topics, join us on Slack

J1_Ambassador Hunter @2x

The Scariest Things We Saw at Black Hat 2021 | PC Magazine
Every year, the Black Hat security conference gathers the best and most frightening security research in one (sometimes digital) place. Here’s what impressed and worried us in 2021: Pew! Pew! Data Theft!, Iranian Hacker Training Videos, Who’s In That Capsule With You?, Your New Enemy? Your Browser, Stalkerware Is Everywhere, The Holes in a Series of Tubes, and much more. Read the full story...

A Cyber Threat Intelligence Self-Study Plan: Part 1 | Katie Nickels
I wrote this with the idea that someone wanting to learn about CTI could work through it section-by-section, since some concepts build on each other. Be forewarned, if you do this entire thing, it’s going to take a lot of time and effort! I’ve included resources to read and watch, things to do, and questions to think about, as well as a few optional paid resources if you want more. (Please note that some of the links directly download a PDF.).  Read the full story...

How much does a data breach cost? | IBM
The "Cost of a Data Breach Report 2021" explores ways to help mitigate risk. The annual Cost of a Data Breach Report, featuring research by the Ponemon Institute, offers insights from 537 real breaches to help you understand cyber risk in a changing world. Now in its 17th year, this report has become a leading benchmark tool, offering IT, risk management and security leaders a lens into factors that can increase or help mitigate the cost of data breaches. Read the full story...

Introducing the Allstar GitHub App | OpenSSF/Mike Maraya, Jeff Mendoza
Allstar is a GitHub app that provides automated continuous enforcement of security best practices for GitHub projects. It works by continuously checking expected GitHub API states and repository file contents (repository settings, branch settings, workflow settings) against defined security policies and applying enforcement actions (filing issues, changing the settings) when expected states do not match the policies. Read the full story...

Compliance is cumbersome, but cloud can help | Chris Hughes
Anyone who has ever worked in compliance can attest to the fact that it can be cumbersome and tedious. It often involves screenshots, spreadsheets, and other inefficient (and not-so-exciting) activities. But how does cloud change traditional approaches to compliance and security? And how can maximizing the capabilities of cloud save your organization time, stress, and potential regulatory impacts for non-compliance? Let’s have a look. Read the full story...

Resources

Modern Visibility in Cyberseccurity

avatar

Posted By Mark Miller

Mark Miller speaks and writes extensively on DevOps and Security, hosting panel discussions on tools and processes within the DevOps Software Supply Chain.

Mark actively participates in the DevOps/DevSecOps community by building DevSecOps tracks at security conferences such as RSA Conference, InfoSec Europe, CD Summit, AppSec USA and AppSec EU. He is the Senior Storyteller and Senior Director of Community and Content at JupiterOne.

As well, Mark is Executive Producer of the DevSecOps Podcast Series (300K+ listens), and the Executive Editor of the LinkedIn DevOps Group (124K+ members).

To hear more from Mark, get our newsletter. No spam, just the good stuff once or twice a month. Sign up below.

PREVIOUS ARTICLE

cyber-security 1

Ad Title Placeholder

Lorem ipsum dolor sit amet, consectetur adipiscing elit.