Daily Archives: April 23, 2019

TrustArc Recognized as 2019 Bay Area Best Places to Work

TrustArc, the leading data privacy management company, has been recognized as a winner of the 2019 Bay Area Best Places To Work, an awards program presented by the San Francisco Business Times and the Silicon Valley Business Journal!   Select employers from the Bay Area were named winners of the awards program, held on April 18, 2019. These winning organizations were honored for having created exceptional workplaces that their employees value highly. Award applicants were evaluated and ranked across five categories according to the number of Bay Area employees. The ranking found companies in the region whose employees rate them as … Continue reading TrustArc Recognized as 2019 Bay Area Best Places to Work

The post TrustArc Recognized as 2019 Bay Area Best Places to Work appeared first on TrustArc Blog.

Veracode Is Named a Leader for Sixth Time in Gartner Magic Quadrant for Application Security Testing

Veracode has been named a Leader in the Gartner Inc. 2019 Magic Quadrant for Application Security Testing, marking our sixth year as a Leader.

We’re excited to again be recognized as a Leader in the industry. We believe Gartner continues to place Veracode in this position because of our vision in application security testing and our ability to cover the entire software development lifecycle (SDLC), from code to deployment, with services and support that help development teams with challenges, and a new analytics engine that shows performance in real-time.

It has been an incredible start to the year – customers are scanning more applications than ever before with Veracode, and are achieving unprecedented results with their AppSec programs. We’re dedicated to helping companies achieve a frictionless SDLC in which security and development teams work in collaboration without slowing down business outcomes.

The AppSec market is growing at a rapid pace, and far more quickly than other security sectors.

The report’s authors, Ayal Tirosh, Mark Horvath, and Dionisio Zumerle, state in the report: "Through 2022, the AST market is projected to have a 10% compound annual growth rate (CAGR). This continues to be a fast-growing segment in the information security space, which itself is expected to grow at at five-year CAGR of 9%. The AST market size is estimated to reach $1.15 billion by the end of 2019."1

It’s not difficult to understand why – 111 billion lines of new code are written each year, a figure that will only go up because software powers the world around us. And that software is constantly being updated, and must be kept secure to prevent vulnerabilities from being exploited by both sophisticated and simplistic attacks. A new layer of complexity arises when you take into account compliance with privacy laws such as GDPR and PCI that seek to ensure companies have policies and practices in place to protect data.

Companies across industries are changing how they create and use software, seeking a competitive edge by taking modern approaches such as DevSecOps, Agile, microservices, cloud native apps, and APIs. However, these changes mean that organizations face even greater challenges to secure software that is being created rapidly and in new environments.

Veracode has redoubled its efforts to bring innovative products to customers to help them not only meet the challenges they encounter, but also to make secure software one of the reasons they are emboldened to change the world. Our solutions are designed for developers to excel at their jobs while coding securely.

We recently enhanced our platform with accelerated dynamic application security testing (DAST) using a new scalable architectural approach that allows for seamless deployment. With Veracode DAST, customers can easily configure to scan internal applications in the cloud, within containers, on a virtual machine or bare metal; customize scans for organizational compliance; and scan multiple applications using a single endpoint.

In addition, our focus on developer needs remains a core value at Veracode:

  • Veracode’s Software Composition Analysis (SCA) offering currently covers more than 1.9 million different and unique open source libraries, and almost 17.3 million different versions of those libraries.
  • Veracode Greenlight finds security defects in your code in seconds so you can fix findings directly in the IDE.
  • We support more than 100 languages and frameworks, including support for Go, Scala, and Python.

The thinking around software security is changing – is your company changing with it?

To download the 2019 Gartner Magic Quadrant for Application Security Testing, please visit here.

1. Gartner, Inc.  “Magic Quadrant for Application Security Testing” by Ayal Tirosh, Mark Horvath, and Dionisio Zumerle, April 18, 2019.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Here’s a Codicil to Add to Your Will – Disposal of Your Digital Assets

Codicil to Add to your Will – Disposal of Your Digital Assets

We were still in shock over the sudden demise of a dear family friend. But the bereaved family had no time for grieving. The gentleman had not left any will and no one had any clear idea about his financial and physical assets. The family was running from pillar to post, trying to sort out the mess.

Tomorrow, you and I will go meet our lawyer and find out how to draw up our will. I want us to leave everything in order, with specific instructions, so that there are no complications for the kids later,” announced my spouse one fine morning.

I readily agreed; however, I had a question.

OK, but what about our digital assets?”

The spouse looked confused and so I continued, “Shouldn’t we also make arrangements for how we want our digital assets to be handled post our decease?”

Most of us in the age group of 40-60 years are active in the digital world in a big way, with multiple online accounts- from social media, banking, travel booking, trading, e-mail, e-transaction to blogs, e-wallets and home service. We share personal photos and videos online. We also deal with virtual currency, the records of which are stored online. The sum of all this digital data is loosely termed as our digital asset.

You may wonder what’s the big deal about a will for digital assets as some may not even have any monetary value. Well, it will help in identifying your legal successor who can take decisions about your online accounts. Otherwise, your beneficiaries will have to run around searching for passwords, filling up forms, submitting requests at various places and so on. Secondly, your families need to know about any outstanding bills you may have received via email or credit card program, or financial payments due to you.
A will outlining usernames and passwords for all accounts and detailing what you want to be done with your digital asset will make it easier for your beneficiaries to take the right actions. Also, it will allow your family to continue receiving the payments from your online investments, or even payment from your blog site!

Prepare ahead

You can take any of these three steps:

a- Explain to your family about all your online accounts and passwords

b- Write down all details in a diary and keep it where it can be easily found

c- Create a will outlining your wishes and specifications regarding your digital assets

The first two options call for sharing passwords beforehand, something that you may not be comfortable with. So, the  third option is the best available. Go for it and your dear ones will bless you for your foresight.

Be proactive about your online presence

  • There may be content on your accounts you would not want others to see- We may create or download content that we would like to keep private. The best thing to do is to regularly sanitize accounts and delete what you don’t want others to see.
  • Inactive accounts and profiles are much in demand– cyber criminals want access to inactive accounts to create false IDs and fake profiles. They can also create problems for friends and families of the users.

While most of our generation limits themselves to a handful of social media accounts, below are a few handy guidelines to securing key social media accounts –

Facebook

The social media giant allows you to appoint a legal heir who can either opt to memorialize the account or delete it permanently. They will not offer login information to the family though.

Instagram

Just like Facebook, Instagram too offers the option of either getting an account deleted or memorialized, after they receive a valid request. They also pledge to take measures to protect the privacy of the deceased person by securing the account.

YouTube

YouTube does not yet offer any facility for preserving or deleting content created by users. In fact, it regularly deletes inactive or dead accounts, which is quite understandable, given the huge volumes of uploads per minute.

Twitter

It allows legal successors to place request for deactivation of the account. They will guide you through the process, which is similar to that of Facebook and Instagram.

LinkedIn

The legal successors/family members need to approach them with certain information and fill out a form shared on their site. They will then close the account and remove the profile.

Google

Sign into Google -> My Account -> Personal Info & Privacy -> Inactive Account Manager -> setup. Then add up to 10 trusted people who will be notified if you have been inactive for a specified period. You can leave them a last message and they can also download the data that you have chosen to share with them – like emails, passwords saved by Google, photos in Drive etc.

Or else, you can ask Google to delete your entire account after a certain amount of inactivity.

Microsoft including Outlook

Similarly, legal successors can inform Microsoft to close down the account and download any information you may have chosen to share with them.

In conclusion

So, you see if you leave everything written and registered in your will, your dear ones will have less to bother about. Also, it’s our duty as well, for this is the digital world and we are the digital natives. It is about time we start doing things right in cyberspace too so as to not leave behind a legacy of clutter, confusion and possible cybercrime.

Always keep your devices secured with advanced security tools like McAfee Total Protection so that cyber criminals don’t get to your data before your heirs do.

The post Here’s a Codicil to Add to Your Will – Disposal of Your Digital Assets appeared first on McAfee Blogs.

How Business can address the Security Concerns of Online Shoppers

It’s no secret that cybersecurity is an epidemic problem that affects online businesses on a global scale. E-commerce businesses are especially affected by data breaches because it weakens the consumer’s trust in online businesses to protect their personal data. In response to the growing number of breaches, governments and enterprises alike are stepping up to the plate to provide sustainable solutions to the problem.

The UK is aiming to become a world leader in cybersecurity by investing a substantial amount of money (to the tune of £70 million) in the Industrial Strategy Challenge Fund. The fund represents the government’s commitment to increase funding in research and development by £4.7 billion over a four year period. One of the primary goals of the investment will be to supply the industry with the money necessary to design and develop state-of-the-art hardware that’s more secure and resilient to common cyber threats.

The logic stems from the fact that cybercriminals are constantly finding new ways to exploit current technology, so the best way to combat future attacks is to design chips and hardware with stronger security features built into them to outpace cyber threats. However, this means businesses will have to invest in new IT systems as it rolls out to keep their security measures up to par.

For the time being, online business owners need to do everything in their power to address the privacy concerns of their users. In some cases, this might mean investing in more secure and modern e-commerce platforms that offer security features, such as TLS (still commonly known as SSL) protection and security software to protect against malware attacks, or simply generating new, strong admin passwords on a regular basis.

The fact is, there is no way to provide customers with a 100% guarantee their personal data is safe, but there are actions webmasters and companies can do to make their websites a lot safer to use by their customers. To help you learn more about how you can secure your site from cyber threats, Wikibuy has laid out 15 steps in the infographic below.


How Business Owners Can Address Online Shopping Concerns