The recent SolarWinds breach highlights a new paradigm in the Software Supply Chain. When compared simply to the code itself without any additional tools, Proprietary Code is no more secure than Open Source. By contrast, many would argue that Open Source Code is more secure due to a faster fix/patch/update cycle and the pervasive access to source […]
Resources
The world of cloud changes quickly.
Stay up-to-date with the latest trends & innovation, all explored in our resource library.
How-To: Automated NS1 Provisioning with Okta Workflows While Okta and NS1 support SAML Authentication, provisioning and de-provisioning users still requires manual work. We hate manual work, so here’s a way to automate the entire process, end-to-end, using Okta Workflows. Still unfamiliar with Workflows? Start here. Setting the Scene On NS1’s portal, create an API Key for Okta Workflows. 2. On Okta Workflows […]
31st May, 2021
Defining Developer-first Container Security Have you shifted left yet? That’s the big trend, isn’t it? It’s meant to signal a movement of security responsibilities, moving from central IT teams over to developers, but that’s trickier than it sounds. Simply taking tools that are intended for use by security experts and making them run earlier in the supply chain does not […]
31st May, 2021
Adapting Security to Work Anywhere “Working from home 2021” marks a massive shift away from common workspaces in response to the global pandemic. There is no more working remotely or working from home, there is just working. The axiom, “work is what you do, not where you go” has never before been so true. The possibility for the workforce to be location independent […]
31st May, 2021
Massive Campaign Targeting UK Banks Bypassing 2FA On 14 July, 2020, Oliver Hough, a security researcher from Cyjax, published a report centered on a phishing campaign targeting banking customers in the United Kingdom, which evades two-factor authentication (2FA). On 16 December, 2020, researchers from the Global Threat Intelligence Team at WMC disclosed that they were tracking a threat actor who goes by the alias “Kr3pto”. […]
31st May, 2021
Why Phishing Attacks Increase on Holiday Seasons Overview Phishing continues to be a major attack vector, and it’s surprising just how many security incidents and breaches start with an employee clicking on a link in a carefully crafted phishing email (and sometimes doing the same with a not-so-well crafted phishing email — see this example). There’s still a general perception that phishing attacks […]
31st May, 2021
Remote Access Security: The Dangers of VPN Millions of people worldwide are still working remotely to support shelter-in-place requirements brought on by the pandemic. For many workers, a remote workstyle is a preference that will likely become a more permanent arrangement. Enterprises have responded by expanding their use of VPNs to provide remote access to the masses, but is this the right choice for long-term access? Aside from enabling easy connectivity, […]
30th May, 2021
Remote Access: Network Architecture & Security Considerations The global pandemic spurred a massive work-from-home (WFH) wave quite literally overnight. Hundreds of millions of people worldwide were told to stay home to stay safe, but they needed to keep working as best as possible. Enterprises responded to this sudden need for extensive remote network access by focusing on getting people connected—but connectivity often […]
30th May, 2021
Cloud Security Basics, Best Practices & Implementation Cloud security is a set of controls, policies, procedures, and technologies that protect data, infrastructure, and systems that are stored in cloud environments. Cloud security measures give businesses the processes and tools they need to keep their data safe, meet their regulatory compliance requirements, protect their customers’ privacy, and establish authentication rules around all of […]
30th May, 2021
How to Build IAM with Zero Trust This year, the business community was forced to adapt to a new era of distributed work—and cyber threats have adapted right along with them. Between unsecured home WiFi networks and the rise in personal devices accessing company resources, the opportunities for data theft have risen as teams have dispersed. Implementing robust identity and access management […]
30th May, 2021
Once Upon a Framework – An Introduction to SOC 2 SOC 2 is today the de facto standard in security compliance frameworks. Complying with it is an important factor in passing your quarterly and annual financial audits. This is because nowadays security determines, to a great extent, whether or not your business will exist and grow. How did it come to be, and why, exactly, should you […]
30th May, 2021
This is the Only SOC 2 Checklist You’ll Ever Need The Only SOC 2 Compliance Checklist You’ll Ever Need Are you chasing an endless trail of screenshots? Awake at 3am, stressed about bugging your stakeholders for evidence–again? Wondering why you decided that this dang compliance framework was worth it? Congrats! You must be preparing for a SOC 2 audit. SOC 2 Compliance Checklist – How to Prepare […]
30th May, 2021
Cloud Compliance 101 InfoSec Compliance is a big word, involving most systems in your working environment, and multiple deliverables to be produced for the auditing team. Up till today, this project was as complex as can be. Today, with the introduction of Compliance Automation Platforms, things get simpler. Here’s a list of what you need (and don’t need […]
30th May, 2021