November 2022
Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color
When people find out that I’ve spent much of my career being hired by companies to steal their secrets, they usually ask, “Are we doing enough? Do we need a red team?” …
Compliance initiatives can advance your organization’s security journey
Compliance standards are designed to give organizations a foundational approach to designing their security program while also reassuring third parties that you have met at …
Remote work pushes video conferencing security to the fore
IT professionals are becoming increasingly concerned about the growing number of cyber threats and foreign attacks capable of impacting video conferencing. In this Help Net …
Security leaders want consequences for insecure code
Organizations plan to invest in DevSecOps in 2023, and the level of urgency for them to do so has grown. In a recent survey conducted by the Neustar International Security …
How ransomware gangs and malware campaigns are changing
Deep Instinct released its 2022 Bi-Annual Cyber Threat Report which focuses on the top malware and ransomware trends and tactics from the first half of 2022 and provides key …
Okta Customer Identity Cloud helps businesses reduce security risks
Okta unveiled Okta Customer Identity Cloud, an easy-to-implement and customizable customer identity solution that helps organizations resolve the tension between security, …
Picus Complete Security Validation Platform strengthens organizations’ cyber resilience
The new Picus Complete Security Validation Platform levels up the company’s attack simulation capabilities to remove barriers of entry for security teams. It enables any …
Immuta Unified Audit Model streamlines the filtering and analysis of audit data
Immuta launches Unified Audit Model for simplified data auditing at scale to meet customers’ security and compliance needs. UAM enriches Immuta’s Data Security Platform …
Lacework enhances CNAPP capabilities with attack path analysis and agentless vulnerability scanning
Lacework announced new cloud-native application protection platform (CNAPP) capabilities for the Polygraph Data Platform that provide improved attack path analysis and …
Cybellum’s automated VEX generation capability enables security teams to focus on high risk threats
Cybellum announces automated Vulnerability Exploitability Exchange (VEX) generation capability, enhancing product security and facilitating vulnerability information sharing …
Mirantis OpenStack for Kubernetes updates improve security and storage management
Mirantis announced an update to Mirantis OpenStack for Kubernetes (MOSK) that delivers early access to production-grade OpenStack Yoga, delivers new security features, …
Rafay Systems expands support for Amazon EKS Anywhere with automation and governance capabilities
Rafay Systems announced the expansion of its work with Amazon Web Services (AWS) with native support for Amazon Elastic Kubernetes Service (Amazon EKS) Anywhere. With …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM