Comcate’s Post

We're on a streak with our '𝑻𝒓𝒂𝒊𝒍𝒃𝒍𝒂𝒛𝒊𝒏𝒈 𝑻𝒓𝒊𝒖𝒎𝒑𝒉𝒔' and just hit another major win! 🏛️A top-tier California law firm within the AmLaw 150 rankings has chosen FileTrail Governance: Physical & Digital. They're on a mission to revolutionize information governance, breaking down data silos for better security, access control, and information flow. Their choice underscores a shared vision for secure, efficient data and client management. We're honored to support their commitment to excellence and competitive advantage through advanced data protection and management. 🔍 Learn More: Intrigued by how we're setting new standards in information governance together? 👉 Explore the journey at www.filetrail.com/

Securing software supply chains is more critical than ever, but integrating DevSecOps practices without hindering development speed is a challenge. Join the Techstrong Group roundtable discussion on August 12 with industry experts from Mend.io and us on shifting security left in the development process seamlessly. Key Takeaways: 1) Integrating DevSecOps Smoothly 2) Overcoming Implementation Challenges 3) Optimizing Developer-Friendly Security Processes Sign up today https://lnkd.in/enXmpuGg

With so much going on post-incident, it can be easy for certain follow-up actions to slip through the cracks. This is exactly what we're solving for with Suggested Follow-ups 🤝 With them, you can stay organized and never miss a beat with AI-powered follow-ups that capture crucial discussions and action items that may have been forgotten. ✅ Efficiency ✅ Speed ✅ Peace of mind

#operationsmanagement hack: you can use Outlook as an LSW. It’s not as awesomely customizable as a fresh sheet of blank paper, but it works and can be viewed by multiple members of the organization.

#Certificate In this webinar, Pat Patterson, Chief Technical Evangelist at Backblaze, will present a deeper look at Object Lock. Pat will explain Object Lock's governance, compliance, and legal hold modes, how to enable Object Lock at the bucket and file level, and how to take advantage of Object Lock in your own applications.

#Resilience is something that we talked about after an accident. I like the youtube video posted by Bob Lord - watch it. Here are the points from a Gartner report of about 2015 IAM Principles of Resilience based on Gartner 1 RISK CULTURE - Stop focusing on checkbox compliance, and shift to risk-based decision making. 2 OUTCOME FOCUS - Stop solely protecting infrastructure and begin supporting business outcomes. 3 BETTER FACILITATE- From defender to facilitator balance protecting with delivering business outcomes. 4 MAKE WORKFLOW - From trying to control information flow to understanding how it flows and risks. 5 PEOPLE-CENTRIC - Accept the Limits of Technology and Become People-Centric. 6 INCLUSIVE - Ensure that the greatest good for the greatest number applies to the entirety of society and not just large corporations. 7 DETECT RESPOND - Stop striving for 100% protection and invest in detection and response. Gartner’s researchers predict by 2017 50% of IT spending will occur outside of traditional IT department control. They note we are at an intersection of two extraordinary digital trends. These include the ongoing transformation of digital business and the ever-growing capacity and capability of adversaries. 

The Fact that I'm taking a dive into application development doesn't mean I've thrown away my CyberSpirit. Just finished with the OWASP Top 10 room, where I learnt about: 1. Broken Access control 2. Cryptographic failures 3. Injection 4. Insecure design 5. Security misconfiguration 6. Vulnerable and Outdated Components 7. Identification and Authentication Failures 8. Software and data integrity failures 9. Security and monitoring failures 10. Server Side Request Forgery (SSRF)

This post from Bob Lord ranks as one of the most valuable posts I've seen on LI this year. Watch it. I was fortunate to be exposed to some of these principles about system design and resilience in my academic work in Chemical Engineering before I came to software & security. Too many startup founders "normalize deviance" (see video reference to Diane Vaughn writing on the Challenger Launch Decision). The standout quote from RIchard Cook's remarks is "What is surprising is not why there are so many accidents, its that there are so few". In the diligence work I do for VC & PE firms, understanding a "hot" startup/acquisition/investment target's internal practices in managing their operating posture as they move between the economic/operator/failure boundaries is a good predictor of whether they will survive/thrive or be enmeshed in crises (taking their customers down). Seriously - watch this video for a terrific framework to understand and evaluate risk.

This partnership is really taking off! Taking a programmatic approach and upscaling your developers is an effective way to improve your operational efficiency and reduce costs.

Mend.io and Secure Code Warrior's webinar focused on taking charge of vulnerability alerts kicks off in 10 minutes! Register below to listen in on your lunch break or to receive the recording.