Search results for: zero trust

Keeper Security

Product Showcase: Keeper Security’s Enterprise Password Management platform

People often speak of cybersecurity as a technology challenge. But protecting data and IT infrastructure is also very much a matter of human behavior. Eighty-five percent of data breaches involve a human element, according to the Verizon Business 2021 Data Breach Investigations Report. When organizations fall victim to ransomware, data theft or other attacks, bad actors often gain access through weak spots created by unsafe cybersecurity practices. Often, those weak spots involve passwords. At least … More

Handshake

NetAbstraction collaborates with VaporVM and InoGates to offer ransomware protection in the Middle East

NetAbstraction announced its expansion into the Middle East and that it has partnered with VaporVM and InoGates to offer NetAbstraction’s ransomware protection technology to commercial and government customers in the region. “The Gulf Cooperation Council (GCC) region is a favorite target for cybercrime due to the fast growth rate of its industrial sectors,” said Gordon Lawson, CEO of NetAbstraction. “We are working with VaporVM and InoGates to deliver NetAbstraction solutions that significantly reduce the attack … More

bomb

Moving towards defense in depth under the gray skies of conflict

The war in Ukraine is in the second month of bloodshed and the broader impact of the conflict is being felt across the globe, as markets react to increased fuel prices and the consequences of Russia’s growing political and economic isolation. Thus far, the anticipated reaction of Russia to Western sanctions and material support for the Ukrainian military within the cyber domain seems to have been muted. However, on March 21, 2022, President Biden issued … More

zero

4 steps for building an orchestrated authorization policy for zero trust

There is a great deal of emphasis placed on the zero-trust approach with respect to access. Looking beyond authentication (the act of verifying that someone is who they say they are), evaluating authorization is just as important as it determines what someone can do with that access. Policies must be written to account for this, and the strongest policies are built on an authorization model that is orchestrated in nature. An orchestrated and centralized approach … More

transform

The price of an accelerated digital transformation

F5 announced a report which shows the challenges organizations face as they transform IT infrastructures to deliver and secure digital services that have become inseparable from everyday activities, such as completing job tasks or consulting a doctor. With highly distributed architectures and a broader threat landscape resulting from an ongoing digitization of previously physical experiences, organizations are turning to a variety of solutions to help manage complexity and address widening IT skills gaps. However, survey … More

week in review

Week in review: Attackers exploiting VMware RCE, Microsoft fixes actively exploited zero-day

Here’s an overview of some of last week’s most interesting news, articles and interviews: Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521) On this April 2022 Patch Tuesday, Microsoft has released patches for 128 CVE-numbered vulnerabilities, including one zero-day exploited in the wild (CVE-2022-24521) and another (CVE-2022-26904) for which there’s already a PoC and a Metasploit module. Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809) Since Microsoft’s latest … More

New infosec products of the week: April 15, 2022

Here’s a look at the most interesting products from the past week, featuring releases from Axis Security, BigID, Finite State, oak9, OwnBackup, Palo Alto Networks, and Spin Technology. Axis Security Atmos protects sensitive business data from cyberthreats or high-risk users Atmos helps IT avoid the need to connect users to the corporate network, reduce exposure to ransomware threats, and spend less time on costly, and complex, firewall-based network segmentation. The cloud-native platform artfully extends secure … More

person

Unmanaged and unsecured digital identities are driving rise in cybersecurity debt

A global report released by CyberArk shows that 79% of senior security professionals state that cybersecurity has taken a back seat in the last year in favor of accelerating other digital business initiatives. The report identifies how the rise of human and machine identities – often running into the hundreds of thousands per organization – has driven a buildup of identity-related cybersecurity debt, exposing organizations to greater cybersecurity risk. A growing identities problem Every major … More

hardware security

A robust security strategy starts with the hardware

Intel released the results of a study exploring how organizations approach security innovation in an increasingly digital world to stay ahead of the evolving threat landscape. Key findings reveal that organizations value security product innovation, especially at the hardware level, when purchasing technologies and services. Businesses are expected to spend $172 billion in 2022 on increasing their cybersecurity commitments and enhancing measures to protect themselves. Organizations recognize hardware-assisted security capabilities are critical to a robust … More

SaaS

The perils of SaaS misconfigurations

The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS security and related misconfigurations. “Many recent breaches and data leaks have been tied back to misconfigurations. Whereas most research related to misconfigurations has focused strictly on the IaaS layers and entirely ignores the SaaS stack, SaaS security and misconfigurations are equally, if not more, important when it comes to an organization’s … More

security platform

Palo Alto Networks Okyo Garde Enterprise Edition protects businesses from home network vulnerabilities

With the wide adoption of hybrid work, cyberattacks on home networks are potential threats to modern enterprises. Palo Alto Networks released Okyo Garde Enterprise Edition that provides cybersecurity to protect businesses from home network vulnerabilities. Everyday, more organizations are adopting a Secure Access Service Edge (SASE) architecture to provide consistent protection to employees – anywhere work needs to happen. Okyo Garde Enterprise Edition enables organizations to extend Palo Alto Networks’ SASE into the home network … More

company report

FIDO Alliance announces testing now available for its Certified Professional Program

FIDO Alliance announced that testing is now available for individuals seeking to become FIDO Certified Professionals. Experts in online security and authentication are invited to apply and demonstrate their ability to support businesses designing their authentication strategy and migration away from outdated techniques like passwords. FIDO is increasingly recognized by global enterprises, governments and consumers as the gold standard for phishing-resistant multi-factor authentication; just recently, it was cited as ‘best practice’ in the U.S. Zero … More