access control
What insurers really look at in your identity controls
Insurers judge organizations by the strength of their identity controls and by how consistently those controls are applied, according to a new Delinea report. CISOs are …
Automation can’t fix broken security basics
Most enterprises continue to fall short on basic practices such as patching, access control, and vendor oversight, according to Swimlane’s Cracks in the Foundation: Why …
Employees keep finding new ways around company access controls
AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, …
OpenFGA: The open-source engine redefining access control
OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers …
When everything’s connected, everything’s at risk
In this Help Net Security interview, Ken Deitz, CISO at Brown & Brown, discusses how the definition of cyber risk has expanded beyond IT to include IoT, OT, and broader …
Inside the messy reality of Microsoft 365 management
Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to …
Behind the screens: Building security customers appreciate
In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer …
Meet ARGUS, the robot built to catch hackers and physical intruders
Hospitals, airports, and campuses are no longer dealing with separate security problems. Someone can slip past a checkpoint while another actor launches a network scan, and …
Biotech platforms keep missing the mark on security fundamentals
A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than …
APIs and hardware are under attack, and the numbers don’t look good
Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are …
GitHub adds post-quantum protection for SSH access
GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe. …
Maximum severity Cisco ISE vulnerabilities exploited by attackers
One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the …
Featured news
Resources
Don't miss
- Salesforce Gainsight compromise: Early findings and customer guidance
- Research shows identity document checks are missing key signals
- How one quick AI check can leak your company’s secrets
- Salesforce investigates new incident echoing Salesloft Drift compromise
- Security gap in Perplexity’s Comet browser exposed users to system-level attacks