Blog

More stories

Vulnerability Management Lifecycle, Process, and Best Practices
Blog

The vulnerability management lifecycle reflects the fact that cyber defense is a full-time occupation. Vulnerability management should be iterative, with constant monitoring, documentation, and review of your organization's security protocols and defense. From updating your software to recording new patches, vulnerability management is a constant process that benefits from automated tools like Nightfall.

7 Indicators of Compromise: The Essential List for Breach Detection
Blog

Indicators of compromise are the red flags of the information security world. These helpful warnings allow trained professionals to recognize when a system may be under attack or if the attack has already taken place, providing a way to respond to protect information from extraction.

5 Types of Social Engineering Attacks and How to Mitigate Them
Blog

Social engineering is a type of cyber attack that targets people to gain access to buildings, systems, or data. Social engineering attacks exploit human vulnerabilities to get inside a company’s IT system, for instance, and access its valuable information.

How to secure codebases from secrets exfiltration
Newsletter

The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

How to Comply with Facebook’s New Data Protection Assessment
Blog

Recently, Facebook announced a new initiative aimed at protecting how its users’ data is managed across its platforms: the Data Protection Assessment. The assessment consists of a questionnaire for apps that access advanced permissions and specifically focuses on how developers protect, share and use platform data.

Developing Secure Web Applications: 6 Best Practices
Blog

When businesses think about maintaining cybersecurity, the first thing that comes to mind is often endpoint and network security. However, web application security is becoming increasingly important. There have been numerous high-profile attacks on web applications in recent years; in 2020, for instance, the Twitter accounts of famous people were compromised as part of a bitcoin scam.

Cloud Data Protection: What You Need to Know
Blog

It’s no surprise that cloud adoption continues to be a major force impacting organizations today. A 2020 McKinsey survey indicated that many organizations saw several years' worth of digital transformation take place in 2020.

Is DocuSign HIPAA Compliant?
Blog

Historically, processing claims, forms, and legal documents was an expensive and time-consuming affair that took place over fax and mail. DocuSign is one of the oldest companies in the electronic document processing space.

Nightfall’s data protection & classification platform enables SOC 2 compliance
Blog

Security teams that work in highly regulated industries or build solutions for consumers must adhere to compliance controls and regimes required for their business. One of the most important compliance requirements for many companies is the SOC 2 audit. The SOC 2 audit provides detailed information and quality assurance about essential security factors such as the confidentiality of data under your organization's stewardship, privacy controls, and many other standards.

ICYMI: 4 lessons for securing codebases from secrets exfiltration
Blog

Last month we hosted a webinar dedicated to discussing the issue of codebase security. As trends like secrets and credential exfiltration continue to be of concern within systems like GitHub, threats, such as cryptojacking and supply side attacks, have become more of a problem.

Preventing data loss in data warehouses with the Nightfall Developer Platform
Security

Data warehouses power your data analysis and business intelligence operations so you can level up your knowledge and progress toward bigger business goals. Like any key component of your tech stack, using data warehouses effectively also requires care and caution — especially when uploading and sharing sensitive information.

The NIST Cybersecurity Framework: Security Checklist And Best Practices
Blog

The National Institute of Standards and Technology (NIST) is part of the US Department of Commerce and was founded in 1901. NIST was originally established to help the U.S. industry become more competitive with economic rivals and peers, such as the UK and Germany. NIST prioritizes developing measurements, metrics, and standards for technology used in different industries.

Prevent secrets, credentials, and PII leaking in application logs with the Nightfall Developer Platform
Security

Infosec leaders have a lot of corners to cover in their cybersecurity strategy. When crafting the tactics and onboarding the platforms that will protect sensitive information, the checklist of requirements could be missing a very important vector for attack, compliance risk or data loss: application logs.

What can we learn from the top 100 data breaches of the past 15+ years?
Newsletter

The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

GLBA Compliance Checklist: Keeping Financial Data Safe And Secure
Blog

GLBA compliance isn’t something to take lightly. These measures are strictly enforced by the Federal Trade Commission (FTC). In 2018, for instance, Venmo and its parent company PayPal reached a settlement after complaints about the company’s handling of privacy disclosures.

Is Dropbox HIPAA Compliant?
Guides

Dropbox is known for being a convenient file sharing and storage tool. For over a decade, Dropbox has allowed teams to collaborate cross-functionally by providing a single source of truth. With files being managed and synced to a central location, teams can work together without issues of version control. Even in a post-Google Drive and OneDrive era, Dropbox remains important, as not everyone uses the same productivity suites.
