You are here

Best of TechBeacon 2018: Security shifts left

public://pictures/Jaikumar-Vijayan-Freelance-Writer.png
Jaikumar Vijayan, Freelance writer

Enterprise security is about a lot more than malware, hackers, and data breaches. Much of what goes into managing enterprise cyber risk is also about secure development practices, regulatory compliance, and the ability to harness emerging artificial intelligence (AI) and machine-learning methodologies to bolster security.

TechBeacon's top 12 cybersecurity stories for 2018 cover the gamut of emerging trends and top issues confronting enterprises in these and related areas. These stories offer up advice and guidance from leading security experts on topics such as how to implement safe software pipelines, how to secure container deployments, and how to ensure that your DevSecOps practices comply with the GDPR requirements. Others examine the impact of emerging technologies such as quantum computing and AI on security. 

State of Security Operations 2018: Go Inside World SOCs

Secure Development Lifecycle: The essential guide to safe software pipelines

Many organizations use a Secure Development Lifecycle (SDL) process to ensure that security is integrated into the development process, not just bolted on at the end. Introduced by Microsoft in the early 2000s, SDL offers a standard approach to securing products during the development phase.  Security Journey CEO and former chief security advocate at Cisco Systems Chris Romeo describes what SDL is all about and offers tips on how you can use it to make your software more secure.

Is the newest quantum breakthrough an encryption killer?

Quantum computers promise to enable calculations and computations that are not currently possible, or are very hard to do, with conventional computing technologies. In recent years, researchers from around the world have claimed significant progress in making large-scale quantum computing a reality in the not-too-distant future. Here, Luther Martin, distinguished technologist at Micro Focus and an internationally recognized encryption expert, explains the significance of one such claim by researchers at the University of Science and Technology of China.

[ Free Report: How to Get the Most From Your Application Security Testing Budget ]

9 practical steps to secure your container deployment

Containers enable developers to build software once and have it run anywhere, regardless of the underlying infrastructure. This can speed up application deployment and reduce operational complexity. However, containers can also amplify security risks because they often have unrestricted access to files and processes, and because traffic between them is usually unregulated. Liz Rice, technology evangelist at Aqua Security and software developer with three years of experience in container technology, describes the steps your organization should take to secure container deployments.

The anatomy of an RCE: Are open source vendors repeating app sec mistakes?

Remote code execution flaws allow attackers to run malware of their choice on compromised web application servers with the same privileges as the server itself. Among other things, RCE vulnerabilities give attackers a way to escalate privileges, pivot into the network, and gain access to critical databases and assets. Unfortunately, vendors of open source software are contributing to the problem by unwittingly repeating practices that jeopardize application security, says Alvaro Muñoz, principal software security researcher and application security specialist at Micro Focus.

DevSecOps and GDPR: How to go from requirements to deployment

The European Union's General Data Protection Regulation (GDPR) has substantially complicated the task of integrating security into the development lifecycle for companies that handle large volumes of sensitive personal data on EU residents. Ossecsoft co-founder and veteran security engineer Johanna Curiel gives the lowdown on DevSecOps in the GDPR era. This practical guide walks you through the steps you'll need to take to ensure that your organization's DevSecOps practices comply with the GDPR's application security requirements.

Why APIs are critical for security operations

Poorly integrated threat detection and mitigation tools can hinder enterprise security, rather than enhance it. Visibility, speed and efficiency are all affected when security analysts keep hopping between tools because the tools don't speak with each other, as they should. Vendors have begun to offer prebuilt integrations in their products to address this issue. But these integrations have limited value, which is why application programming interfaces may be the better way to go, argues Marius Iversen, senior platform engineer and enterprise security innovator at Rotterdam-based telecommunications firm KPN.

8 ways to bolster Kubernetes security

Kubernetes plays a crucial part in maintaining container infrastructure security because of how it affects authentication, authorization, resource isolation, and other key security runtime functions. But many Kubernetes adminintration consoles are completely open to the Internet,  without even password protection. Freelance journalist John P. Mello Jr. spoke with security experts from Aqua Security, Google, Red Hat, and others to compile this list of eight best practices that organizations should follow to boost Kubernetes security.

How machine learning boosts application security testing

Using manual methods to triage the results of application security takes time due to the sheer volume of data involved. This is especially true of static code analysis, where results can sometimes run into thousands of pages and developers don't have the time to wait for results to be manually audited. One way to alleviate the issue is to apply machine learning models to test data, says Stan Wisseman, security strategist at Micro Focus and 30-year veteran in the information security field.

Security testing is unlike other QA: What you need to know

Organizations that assume security testing is just like any other QA test, and incorporate it into the same places where they do all their other functional, performance, and integration tests are making a mistake. Security tests are rarely as conclusive as the pass/fail results of other QA tests, because of the constantly shifting nature of the threats that apps need to be protected against. Cisco senior DevOps engineer Tony Rice, who has more than 20 years of app sec testing experience, shares what you need to know about the difference between security testing and QA tests.

Why the hack-back is still the worst idea in cybersecurity

With cyber attacks and data breaches on the increase, there's growing support for the idea hacking back at criminals that are attacking your organization. Legislation introduced in 2017, the Active Cyber Defense Certainty Act, proposes giving organizations—and even individuals—the legal authority to strike back at cyber attackers. But freelance security journalist Robert Lemos explains why hacking back is a bad idea, offering up advice from such security experts as Bruce Schneier at IBM Resilient, Josephine Wolff at the Rochester Institute of Technology, and Chris Porter at FireEye.

How to leverage social media data in your SIEM platform

Attackers are exploiting loopholes in social media platforms such as Facebook, Twitter, and LinkedIn to steal credentials, access data, snoop in on vendor and employee-to-employee communications, and conduct other malicious activities. Combining data about such social-media-borne threats with internal telemetry from an SIEM system can help better protect enterprises against social media risks. But getting the information you need from social media providers is challenging. Micro Focus technical consultant Lee Shin Yau, who has more than 20 years of experience in information systems infrastructure, explains why an open-source exchange can help.

How to get your SIEM up to speed for GDPR

Many organizations use security information and event management systems to centrally collect and correlate log and event data from sensors and other threat detection systems on the network. SIEM systems can help enterprises detect and respond to threats faster by providing continuous visibility of security events on the network. Freelance writer Jaikumar Vijayan examines the implications of the EU's GDPR on SIEM use and lists several best practices for tuning SIEM for GDPR based on conversations with experts from RSA, the Cloud Security Alliance, and LogRhythm.

[ Partner resource: Take Security Journey's first two white belt modules for free ]