Hello, security enthusiasts 👋

Welcome to the Bitwarden Monthly Newsletter! 

Passkey two-step login, including the use of FIDO2 security keys, is now available to all Bitwarden users. Read on to learn how it adds an additional layer of security to your account.

Interested in receiving Bitwarden release notes? Subscribe to get the updates delivered to your inbox. 

Hi readers!

Take this two-minute survey to help us improve the monthly Bitwarden Newsletter and deliver the information you care most about.

Featured Highlights

Bitwarden launched a survey of over 600 developers, and the results highlight a move towards modern authentication like passkeys in work applications. However, it also shows risky practices continue despite regular security training. Check out the full results for more insights, including the risk of the use of generative AI in cyberattacks.

Everyone deserves to stay secure online. Bitwarden envisions a world where no one gets hacked and offers a fully-featured free password manager for individual use. In this blog post about the September 2023 release, learn how Bitwarden brings passkey two-step login to all users while logging in to Bitwarden.

More Bits and Bites

What is smishing? How to help your team identify and avoid SMS phishing attacks

A shorthand for SMS phishing attacks, smishing refers to a fraud scheme in which would-be cyber criminals send individuals a text message that urges them to click on a link or download information. Protect your business from smishing attacks with these helpful tips.

How the Gramm-Leach-Bliley Act governs data security practices

Enacted by Congress in 1999, the Gramm-Leach-Bliley Act (GLBA) initially addressed modernizing the financial industry. It also laid out privacy and security requirements for financial institutions managing information on behalf of their customers. While the GLBA scope is expansive, this article centers on its regulation of data security practices and how an enterprise-wide password manager facilitates compliance.

How to protect your digital footprint

In an interview with Authority Magazine, Bitwarden CTO Kyle Spearrin stated: “Be careful with the breadcrumbs that you leave behind in your digital footprints. Try to use best practices for cleaning up your digital waste, and don’t share more information than necessary on the internet.” Check out these recommendations for protecting your digital footprint.

Use Panther with Bitwarden for SIEM to monitor Bitwarden events

Panther is a cloud-native SIEM solution that is able to process large amounts of data, allowing security teams to investigate security concerns for their infrastructure quickly and in a manner that’s easily understood. Panther detects suspicious activity and generates alerts for IT, DevOps, and site reliability engineering teams when a potential threat is identified. This resource details the benefits of using Panther and Bitwarden together.

Making Sense of SEC Cyber Reporting Rules

In July 2023, the Securities and Exchange Commission (SEC) adopted rules requiring companies to disclose “material cybersecurity incidents” within four days of discovering the incident, and to provide an annual update about their “cybersecurity risk management, strategy, and governance”. Read about how these rules affect publicly traded companies.

How to build the best cybersecurity tech stack for your business

According to the Bitwarden 2023 Password Decisions Survey polling independent IT decision makers across a range of industries, 60% report their organization experienced a cyberattack within the past year. To protect your business from cyber criminals, read this discussion of cybersecurity technologies - firewall security, AV software, security information and event management (SIEM), and password security.

Community Spotlight

We deeply value the creativity of the Bitwarden community, especially when it comes to aiding others in gaining a better grasp of the Bitwarden product.

This month’s newsletter spotlights Reddit user, ArmadilloMuch2491, for their illustrated infographic series on how to secure your Bitwarden backups. We invite you to participate in the discussion here.

We'd like to thank the Bitwarden Community for helping us rank first in the Summer and Fall 2023 Enterprise Grid Report. If you would like to leave an honest review (and receive a $25 Amazon gift card in return), you can do so here.

Join an Upcoming Event

The fourth annual Open Source Security Summit brings together business leaders, industry visionaries, and technology users to chart a path forward and highlight the future of open source security solutions at this free virtual event. Register now to explore advancements in open source security and how using open source tools can build trust with customers and consumers.

More Upcoming Events

• Weekly Live Demo: Every Wednesday at 12 pm EDT
  Join us for a live walkthrough of the Bitwarden Password Manager business features and capabilities and ask your questions during live Q&A.
  
  
• Bitwarden and Passkeys: November 9 at 12 pm EDT
  Join the Bitwarden team for a discussion on passkeys. Learn about the benefits of passwordless, passkeys as a passwordless solution, how passkeys can be used with Bitwarden, and how to easily add passkeys to your own website or app.

• Managed Service Provider (MSP) Demo: November 9 at 12 pm EDT
  Join us for an admin training session for MSPs to learn the best practices to get your clients up and running quickly.

• Vault Hours: November 10 at 12 pm EDT
  In the Bitwarden version of “office hours”, join the collaborative conversation and ask questions or share live feedback with the Bitwarden team.
  
  
• Open Source Security Summit: December 7 at 10 am EDT
  Register now for this annual celebration of open source solutions and discussions on the future of security with industry leaders like Brian Krebs, Zack Kass from OpenAI, and white hat hacker Rachel Tobac.

That’s it for now. For more product updates and online security tips, visit the Bitwarden blog.

Until next time,

Team Bitwarden