MITRE ATT&CK Evaluations

Based on the widely used MITRE ATT&CK framework, MITRE ATT&CK Evaluations are independent tests for security tools that detail how they perform — not in theory, but under pressure. However, this test-optimized detection isn’t a perfect failsafe. But what is it? When does it make sense, and what’s missing? This article breaks down what MITRE […]

What is Gen AI Security…And What Do You Need to Do?

Generative artificial intelligence (Gen AI) is brand new. And that might be why it’s often used to mean 2 different things: We’ve covered some components of AI security in general, especially how teams can get started protecting AI workloads. Here, we’ll go in depth about how teams are using generative AI in particular — the […]

Application Container Security Guide

You’ve already asked, “Are we doing what regulators expect in terms of container security?” And you’ve considered, “Are our containers themselves secure?” But threats to apps running in cloud-native environments remain. And it can be easy to dwell on questions about runtime attack paths, breakout and blast radius, identity misuse, zero-trust implementation, and supply chain […]

Incident Response Playbooks

Data breaches aren’t skyrocketing, but costs are. Why? It’s about attacks that focus on personally identifiable information (PII), leaving more data exposed. And it’s about an increasing number of attacks that target hybrid surfaces, using multi-pronged approaches, such as supply chain attacks, phishing, and ransomware, all together. There are also AI-driven attacks to contend with, […]

CNAPP vs. CASB

How can teams enforce granular, risk-aligned controls across cloud workloads, identities, and data without silos or visibility gaps? Do they need to converge posture, identity, and data protection in cloud-native stacks, or do they still have SaaS governance problems to solve? These are tough propositions, no matter what the stack looks like. And as modern […]

AWS Shared Responsibility Model

When cloud security breaches happen, teams are inevitably faced with one key question: Whose fault was it? On Amazon Web Services (AWS), the answer depends on how well you understand the platform’s Shared Responsibility Model, a foundational, but often oversimplified, framework that outlines who secures what in the cloud. We’ve already explored how to secure […]

SAST vs DAST: Understanding Security Testing Approaches

Security testing is a vital component of the software development lifecycle (SDLC), both for organizations that develop software to sell and those that develop for in-house use. Two of the most common security testing methods are static application security testing (SAST) and dynamic application security testing (DAST). But in the head-to-head world of SAST vs DAST, […]

EDR, CDR, & CNAPP: A Comparison for Cloud Workload Security

The goal isn’t to stack up a variety of security solutions that add complexity and expense. It’s about prioritizing the right tools for the environment and using them in smarter ways. Endpoint detection and response (EDR) and cloud detection and response (CDR) are two similar-sounding solutions with different targets. Add extended detection and response (XDR) […]

11 Leading Docker Alternatives

Docker came onto the container scene to simplify container deployments. But today, there are growing numbers of alternatives, each emerging with its own niche advantages. So, whether teams seek flexible architecture, broader tool integration, or more granular access controls, it’s worth knowing the world beyond this popular containerization platform. What is Docker? First, Docker is […]

Incident Response Plan Templates & Examples

Incident response (IR) templates make it simple to customize your response plan. As such, they’re important foundational documents in a digital forensics and incident response initiative. They’re also easier to choose and customize than you might think. We’re offering a few customizable examples to get you started. What is an Incident Response Plan (IRP)? An […]
