Is a bug bounty program right for your company?


Already an attractive option for a variety of consumer applications, crowd sourcing is now catching on in the corporate world. One emerging area of crowd sourcing is bug bounty programs. These are rewards offered by organizations to security researchers or whitehat hackers, who receive recognition and financial compensation for finding and reporting bugs, exploits and vulnerabilities in the organizations’ websites and applications.
As a technology company or security professional, it’s easy to see the attraction of running bug bounty programs. But these programs are not without risk, and timing can be a critical factor. Unless they are managed carefully, bug bounty programs can come with serious consequences for your overall security posture.
ChatOps: What it is and how it's evolving


They’re calling 2016 "the year of the chatbot". In diverse sectors such as dining, travel and retail, chatbots are increasingly being used for a variety of different purposes. This is part of a broad shift away from point-and-click based apps to chat-based user interfaces. Software development is no exception to this trend -- GitHub is credited with coining the term "ChatOps" back in 2013 when it created Hubot, its open source chatbot to help with DevOps practices.
Initially designed as an integration with messaging apps such as Campfire, Hubot has since been starred over 11,000 times on GitHub, and a variety of companies, from Box to Lyft, have begun embedding it in their own development workflows.
Are your enterprise apps secure?


The use of mobile devices continues to increase, with no sign of slowing down anytime soon. The use of mobile apps is also increasing and is completely dominating mobile internet usage, so it’s no surprise that enterprises are investing in mobile apps in order to boost the impact of their product or service.
Consumer apps are most commonly downloaded through stores such as Apple’s iTunes and Google’s Play Store, as well as some third-party marketplaces. A large corporate organization will need to ensure that all information placed within its mobile app is secure. Whether the app is for internal employee use alone, or will be shared with customers, security must be the top priority.
How DDoS attacks evolved in the past 20 years


In September 1996 New York City’s original Internet Service Provider, Panix, was hit by a SYN flood denial of service attack that took the company offline for several days. At a time when only 20 million Americans were online this was one of the first high profile examples of how fragile internet infrastructure could be.
Fast forward 20 years and businesses and individuals are now hugely dependent on the Internet services they both offer and use, and the primary threat to the availability of those Internet services is the distributed denial of service (DDoS) attack. DDoS attacks have evolved consistently over the last 20 years and have moved from being a curiosity, to a nuisance, and, now, to a serious business continuity risk.
Tech predictions that didn't quite pan out in 2016 -- but may still happen in 2017


As the evenings get darker and the countdown to the New Year starts, the abundance of 2017 technology predictions begins. But what was predicted to take off in 2016?
Let's take a look at the trends and services that didn't quite go mainstream last year and whether this year could see them come to fruition.
Five major changes coming to the tech world


Technology in the workplace is developing at a blistering rate. Both consumer tech and uniquely business-orientated innovations are completely changing the working environment, from the boardroom to the basement. Many innovations, such as company-wide instant messaging, are now the norm, but we want more. We want our environment and our appliances to think with us; keep our calendars, book our holidays and take care of our daily routine -- and new technologies are being developed every day to help us achieve this.
The year ahead will undoubtedly bring about change and progress towards this future. Below are five innovations that are at the moment in their infancy, but will have a drastic impact over the next year:
Tips for adopting a DevOps approach


Today businesses are working in more agile and digitally connected ways. What’s more, in the case of new software development projects, DevOps is a buzzword that chimes with this sentiment. But what does it mean and how should we view it? Is it a job role? Is it a team? A product? A vision?
Quite simply, DevOps is a mind-set. When companies choose to expand development across the organization they are driving collaboration. This adds powerful value back to enterprise leaders, who have the interests of the customer at heart. What makes it a mind-set is that its success depends on a combination of people and behavior changes.
Risks and rewards of teaming up with a digital agency


An impressive and user-friendly digital presence is an indispensable asset to any brand. It is often the first point of contact for customers who expect and demand great functionality and engaging content across multiple platforms. The finding that nearly half of us won't wait even three seconds for a website to load bears witness to ever increasing customer expectations which must be met.
Partnership with a digital agency can be a great way to keep up to speed with rapid change and innovation, but, to ensure the very best outcome, both client and agency need to find an optimum commercial, creative and secure cultural fit. This should be a priority for both sides from the very first pitch. The promise of exceptional creativity and customer experience is one thing, but considering the more practical aspects of how the relationship will work is entirely another.
How to set up a manual threat intelligence lifecycle program


Threat intelligence is a popular topic in security circles these days. Many organizations are now using a threat feed that comes bundled with some other security product, such as McAfee’s GTI or IBM’s X-Force feeds. Lots of products, notably SIEMs, have added support for some sort of integration with specific threat intelligence feeds or more generic imports via STIX/TAXII. Many now hope to take advantage of the large number of open source and free intelligence feeds available. Some are even investing in commercial intelligence feeds.
However, as many organizations quickly discover, without effective management of the threat intelligence lifecycle, making effective use of this valuable information is nearly impossible. Today, an organization has two choices for managing threat intelligence: deploy a threat intelligence management platform, or run a manual in-house management program. The steps required to set up a manual threat intelligence lifecycle program will be outlined below for those who prefer this approach.
Can your company keep up with quickly-changing cyber security regulations?


Compliance with requirements and regulations is an ongoing challenge for businesses. In the cyber security space, the threat environment is constantly changing, and organizations have to meet some 500-600 different regulations and laws, as Internet of Things (IoT) devices proliferate and new, massive Distributed Denial of Service (DDoS) attacks are seen on a near-daily basis. As technology continues to evolve with such innovations as cloud computing and Big Data, security professionals are on a never-ending quest to stay up to speed on security controls and best practices.
It’s no secret that cyber security issues have increased in prominence and seriousness over the past several years. Starting with the infamous Target data breach, organizations are becoming more and more aware of potential risks they face as well as becoming quicker to adapt to changing risks, regulations, laws and situations. As we’ve seen regulatory changes happen almost overnight, it has become essential for organizations to have a reliable process for ensuring their compliance management is up to speed, as well as a system of checks and balances to prove it. For companies, especially those operating in highly regulated industries such as finance and healthcare, the challenge of staying up to date is even greater.
Dealing with a data breach: Handling the intruders


Security has never been a more pressing issue for businesses than it is now. Mobile working, the proliferation of increasingly sophisticated, connected devices, and the growing number of applications relied upon by the modern enterprise all represent potential risks that weren’t apparent in generations past.
There is a growing fear about the level of damage that cyberattacks could bring, so much so that the United Kingdom has launched a £1.9bn National Cyber Security Strategy to prevent such attacks.
5 common marketing automation mistakes


Did you know that many world-renowned marketers use marketing automation to reach out to their audience? The statistics further claim that 63 percent of companies successful in marketing automation plan to increase their marketing automation budget.
However, there is always the question of whether companies are making the best use of marketing automation technology for the best results. For instance, as a small or medium-sized business, you can employ an ideal automation tool like GetResponse that will ensure the desired ROI.
What does it take to be a successful bug hunter?


Hackers are having a moment. As high-profile breaches have become the norm over the last few years, more and more enterprise organizations have turned to bug bounty programs. As a result, the idea of hacking for good has finally begun to resonate with the general public. This rise in popularity has inspired many, from aspiring hackers to seasoned security professionals, to join the hunt and seek out bug bounty programs to "hack on".
As an information security professional by trade and a hacker by heart, I’ve had years of experience hacking for good. From my days as a penetration tester and security leadership roles at HP Fortify, Redspin and Citrix to hacking on bug bounty programs of all sizes, I have spent my life hacking for good -- much of this experience has been hacking on bug bounty programs.
DVSA's technology modernization journey


The DVSA (Driver and Vehicle Standards Agency), which focuses on improving road safety in Britain by setting and enforcing the standards for vehicles, driving and motorcycling, is transforming its technology landscape from primarily outsourced contracts to in-sourced agile delivered services using a combination of vendors and employees. As part of this, the agency has deployed a technology service desk.
Known as the Technical Support Service, it supports the DVSA’s new MOT software application currently in use by thousands of MOT testers around the UK delivering around 150,000 MOT tests daily. Here I will explain the modernization journey and why it was vital to support the agency’s strategic direction.
Protecting against man in the browser attacks


The web-enabled generation has become increasingly reliant on technology for everyday activities. Cloud services, social networks, web extensions, plug-ins and online games are all growing in popularity and, as such, are replacing desktop applications. This heightened use of mobile web-browsers has opened the back door to cybercriminals, who now have new channels to implement browser-based attacks, spread malware and maximize infection campaigns.
Traditional "man in the browser" (MITB) attacks have been given a new lease of life as a result of the latest types of malware, distribution models and special features. Cybercriminals are becoming ever more sophisticated, injecting JavaScript code into web pages to steal user credentials or hijack data, such as those used for online banking.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.