BetaNews Staff

In this article, I will try to answer several important questions related to identifying, classifying, prioritizing, and eliminating vulnerabilities in a timely manner, as well as how to automate the vulnerability management process.

Let me start the article by defining the classic process of finding and eliminating vulnerabilities.

Continue reading →

Over the last two years, organizations everywhere have built hybrid collaboration strategies from a variety of platforms and services in an effort to blend the most useful features. This is understandable given the rapid acceleration in the adoption of digital collaboration tools throughout 2020, which played a huge role in keeping the economy moving.

Since then, businesses have grown to rely on their collaboration capabilities as part of their ongoing approach to hybrid working. But in many cases, this has given rise to a somewhat cobbled-together approach, delivering user and customer experiences that work but aren’t entirely optimized.

Continue reading →

Modern applications need to be fast, available, and secure. They are composed of many microservices, often supported by multiple data services. Managing each of these data services in a dynamic, Kubernetes world is complex, time-consuming and leaves little time for innovation.

Managing stateful applications on Kubernetes in production is difficult. According to a Pure Storage survey, the most important customer requirements are: 

Continue reading →

Some trends come quickly and disappear from the scene. For example, artificial intelligence was going to be the savior of cybersecurity, but this trend has turned out to be a smokescreen.

Here are five SAP application security trends that are here to stay.

Continue reading →

The constantly-evolving email encryption landscape is a tell-tale clue as to email’s vulnerability. Email service providers and encryption software makers must continually up their game because they know organizations use email to transmit their most sensitive content -- a fact that makes a valuable high-priority target for cybercriminals.

Sending a document via email is like writing it on the back of a postcard and popping it into the mailbox, for it to then be read by every single person who handles it on its journey to its destination. When you click "send" on an email it travels through firewalls, ISPs, servers, virus checkers and even data harvesting bots. It is stored, saved, copied and forwarded multiple times without any form of encryption. What this means is that email can very easily be compromised and the important data contained within it can be read and downloaded by unscrupulous third parties.

Continue reading →

Most development teams struggle early in the process of shifting to cloud native application development and deployment. Their existing tool chains that have served them well in the past struggle with them as they attempt to scale their deployment footprint. The last thing they want to do is invest time in becoming experts in deployment. They don’t want to create or troubleshoot a deployment process -- they want to code with a GitOps approach, and know their software has been deployed successfully, is working as expected, and providing value to the customer. How can team leaders satisfy those desires? Automated continuous deployment. Continuous deployment simplifies delivery, ensures the software works at each deployment stage and allows developers to focus on what they do best.

When it comes to the development cycle, faster is better. Companies with higher release rates generate four to five times higher revenue growth than those pushing updates less often. To keep up with the competition, fast and efficient deployment of quality, stable software is the priority.

Continue reading →

The payments ecosystem is increasingly dynamic and so too is the fraud landscape that threatens it. The UK is the second-largest country for online transactions in 2022; this is set to continue, despite ongoing global supply chain issues and inflationary pressure. At the same time, this increase in online transactions brings another problem: digital commerce fraud.  

Merchants need to have a detailed understanding of their payment profile to manage threats and balance risk. According to the Merchant Risk Council, the amount merchants spend to tackle online fraud increased five-fold between 2019 and 2021. In 2019, eCommerce merchants spent an average of 2 percent of their annual revenue on fraud prevention. By 2021, that share had grown to 10 percent. However, it’s a battle merchants are continuing to lose, especially in the UK. Additional data collected from Merchant Machine suggests that the UK has the highest number of fraud cases per 1,000 inhabitants (123), with €10,414 stolen by fraudsters for every 1,000 citizens. 

Continue reading →

During the pandemic, companies with a strong understanding of their business as a whole, including employees, partners, customers and even suppliers, fared better than those without the ability to review and use data to drive growth.

History has shown that the greatest weapon against uncertainty is information. Understanding your business at a microscopic and holistic level is now more important than ever, as the threat of a recession looms. This means that information must be treated as a central tool in leading all businesses through any potential storm.

Continue reading →

In the face of supply uncertainty, increasingly urgent environmental goals and surging price rises, the energy industry finds itself under immense pressure to innovate. At the same time, the competition to attract and retain customers is intensifying, with consumers also looking for an effective digital experience, alongside transparent consumption data and control.

Given these opportunities and challenges, how can the energy industry find fresh and innovative approaches to deliver what each stakeholder wants?

Continue reading →

Artificial Intelligence (AI) remains hard to define. When it comes to a definition of "intelligence", context is vital and it starts with what we want the AI system to do. It is specific to the application. For example, intelligence for a search engine shouldn’t be the same as intelligence for an autonomous vehicle.

Now, with AI systems already in widespread production for more than a quarter of enterprises, businesses must ensure that employees are upskilled to effectively define and implement AI systems, and understand how to manage these systems safely in the workplace. But what does that look like in practice?

Continue reading →

IT production environments are an essential part of any modern business organization. Today, it’s virtually impossible for an enterprise to function effectively without a defined set of IT solutions. The amount of data managed and needed to run business is growing exponentially, congruent with the amount of data needed to guarantee that these IT environments are always available. These two facts alone create a strong case for the Intelligent Automation (IA) of IT, because data really is the lifeblood of modern business. However, simply generating and managing reams of data is not enough. To derive tangible value from any data, organizations must ensure that the data generated is comprehensive, verifiable, and accurate. Failure here can render data meaningless and lead to poor decision making.

The quality and depth of data can be a game-changer for businesses, and while the human brain is an amazing organ, it can only do so much at once and maintain consistent performance levels. AIOps, the integration of AI in IT operations, on the other hand, leverages the power of machines to enable organizations to accurately comprehend and control the growing complexities of data-driven business ecosystems As more organizations embrace complete operational digital transformation, it’s critical that the data generated is intelligently gathered, organized, analyzed, and optimized. This is where AIOps delivers exponential value through the ability to take data and add context, intelligence and value, driving actionable insights and better-informed decision making. AIOps underpins the drive towards maximized ROI, minimal loss, and delivering complete customer satisfaction.

Continue reading →

Imagine a future in which every person, object, and service is connected to the internet. Your car knows your destination before you do, your fridge restocks itself, and your doctor can remotely monitor your health. Now imagine that one day, all of those interconnected devices get hacked at once. Your car suddenly careens off the road, your fridge emits a deafening alarm, and your doctor’s office is flooded with false patient data.

This nightmare scenario is becoming increasingly likely, as the world becomes ever more connected and reliant on technology. And it’s not just consumers who are at risk -- businesses are, too. A single cyberattack can cost a company millions of dollars, and the price is only going up as hackers become more sophisticated.

Continue reading →

Imagine you are about to sit down to play a game with a friend. But this isn’t just any friend -- it’s a computer program that doesn’t know the rules of the game. It does, however, understand that it has a goal, and that goal is to win.

Because this friend doesn’t know the rules, it starts by making random moves. Some of them make absolutely no sense, and winning for you is easy. But let’s just say you enjoy playing with this friend so much that you decide to devote the rest of your life (and future lives if you believe in that idea) to exclusively playing this game.

Continue reading →

You have probably heard about honeypots -- bait targets used to attract and detect hackers. In recent years, this technology has been upgraded and is now collectively called Deception.

Today, deception technology is represented by quite a few vendors. The most famous are Illusive Networks, TrapX, Fidelity Security Deception, and Cymmetria. In this article, I plan to talk about deception technology from the developer's point of view and tell you what makes it interesting. But first, let us talk about the forerunner of this technology -- honeypots.

Continue reading →

In late August, the UK government introduced new cybersecurity rules aimed at protecting telecommunication networks against cyber attacks. The rules, which allow the government to boost the security standards of the UK’s mobile and broadband networks, come at a time when attacks on critical infrastructure are becoming more frequent and more dangerous.

Earlier this year, for example, Costa Rica was thrown into crisis after a ransomware attack affected 30 government institutions, including critical ministries and its social security fund. The group behind the attack, known as Conti, threatened to overthrow the government unless the US$10 million ransom was paid. With the help of international partners -- including the United States, Israel, Spain, and Microsoft -- it was able to get all its systems back online, but it took weeks. Montenegro, meanwhile, also saw critical digital infrastructure crippled following a cyber attack blamed on state-sponsored actors. The attack effectively sent some government departments back to the analogue era and was still being wrestled with more than three weeks after it was first detected.    

Continue reading →