TFiR

Cyberattacks on critical infrastructure are no longer hypothetical—they’re a growing reality. From manufacturing and energy to water and healthcare, the systems we rely on most are under siege. The recently published CISA Sectors Critical Infrastructure 2024 Report by Securin dissects over 1,700 cyber incidents, revealing over 3,000 vulnerabilities in manufacturing, a 30% increase in energy sector risks, and 800 vulnerabilities affecting water and waste systems. In a recent episode of?Secure by Design,?Kiran Chinnagangannagari, Co-Founder and Chief Product & Technology Officer at?Securin Inc., Inc., talks about the report’s most pressing findings. Threat actors are increasingly targeting smaller entities, with geopolitical tensions shaping attack strategies. The findings emphasize the need for proactive security, early warning systems, and stronger incident response capabilities. Securin’s solutions aim to enhance visibility into attack surfaces, promote secure coding, and provide adversarial intelligence to help organizations defend against today’s evolving threats. “We’re seeing a steady increase in vulnerabilities in the manufacturing sector, and it’s not just limited to just that,” Chinnagangannagari notes. “There’s also a significant jump in vulnerabilities in the energy sector, and that’s a concern because these are critical systems we rely on every day.” https://lnkd.in/ejCFh-82

Last year in October,?Bloomberg?and?Tetrate??joined forces?to create a community-led set of core?AI?gateway features for enterprise AI integration. This collaboration has now resulted in the first release of?Envoy AI Gateway, an open source project that aims to improve enterprise AI scalability and governance. The gateway provides a standardized approach to managing AI infrastructure, ensuring compliance while simplifying developer workflows.https://https://lnkd.in/ecnrU3mk Featuring: David Wang Topics: #ai #opensource

The BSIMM15 report from Black Duck?reveals how?security?practices are adapting to increased government regulations,?AI and ML-related risks, and shifting training strategies. The annual study, now in its 15th year, finds that organizations leveraging cloud platforms tend to have stronger security postures. These organizations integrate penetration testing, automation, and proactive threat mitigation into their?security?practices. A major theme this year is the rising emphasis on supply chain security, driven by stricter regulations from governments in the United States, the European Union, and other regions. Jamie Boote, Associate Principal Security Consultant at?Black Duck, explains that the report had initially focused on early adopters of secure software practices. However, it has since expanded to analyze industry-wide security trends. The report tracks how companies integrate security throughout the software development lifecycle, providing a catalog of best practices. As organizations face heightened regulatory scrutiny, they must now scrutinize third-party software, open source dependencies, and vendor security measures to remain compliant. https://lnkd.in/gGN5S9ec

In this clip, Scott Sellers, CEO and Co-Founder of Azul, discusses the ease of migrating from Oracle Java to OpenJDK alternatives. He explains that, thanks to their shared OpenJDK codebase and consistent compatibility tests, these migrations usually require only basic software installation and configuration changes, avoiding complex IT overhauls. According to Azul’s State of Java survey, 84% of organizations reported the migration was as expected or easier, underscoring the reliability and maturity of OpenJDK-based solutions. https://lnkd.in/eud6kueM #java

"How do you take something that can take people 15 years to get really great at, and democratize that so every person in your organization — even if they’ve only been there for 2 weeks — can access that same institutional knowledge when that alert fires." Transposit CEO Divanny Lamas shares with TFiR ???? At Transposit, this is our goal: to enable every on-call engineer to manage issues and incidents effectively by unlocking the institutional knowledge that is too often buried deep in your tools or people's heads. It's time for us all to feel like experts in those critical moments.