access control
Automation can’t fix broken security basics
Most enterprises continue to fall short on basic practices such as patching, access control, and vendor oversight, according to Swimlane’s Cracks in the Foundation: Why …
Employees keep finding new ways around company access controls
AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, …
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers …
When everything’s connected, everything’s at risk
In this Help Net Security interview, Ken Deitz, CISO at Brown & Brown, discusses how the definition of cyber risk has expanded beyond IT to include IoT, OT, and broader …
Inside the messy reality of Microsoft 365 management
Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to …
Behind the screens: Building security customers appreciate
In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer …
Meet ARGUS, the robot built to catch hackers and physical intruders
Hospitals, airports, and campuses are no longer dealing with separate security problems. Someone can slip past a checkpoint while another actor launches a network scan, and …
Biotech platforms keep missing the mark on security fundamentals
A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than …
APIs and hardware are under attack, and the numbers don’t look good
Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are …
GitHub adds post-quantum protection for SSH access
GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe. …
Maximum severity Cisco ISE vulnerabilities exploited by attackers
One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the …
Can your security stack handle AI that thinks for itself?
In this Help Net Security video, Art Poghosyan, CEO at Britive, explores the rise of agentic AI and its impact on identity security. As autonomous AI agents begin to think, …
Featured news
Resources
Don't miss
- Fake spam filter alerts are hitting inboxes
- “Patched” but still exposed: US federal agencies must remediate Cisco flaws (again)
- Rhadamanthys infostealer operation disrupted by law enforcement
- Healthcare security is broken because its systems can’t talk to each other
- Wanna bet? Scammers are playing the odds better than you are