access control
15% of office workers use unsanctioned GenAI tools
Rigid security protocols — such as complex authentication processes and highly restrictive access controls — can frustrate employees, slow productivity and lead to unsafe …
3 easy microsegmentation projects
Like many large-scale network security projects, microsegmentation can seem complex, time-consuming, and expensive. It involves managing intricate details about inter-device …
3 tips for securing IoT devices in a connected world
IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected …
Compliance management strategies for protecting data in complex regulatory environments
In this Help Net Security interview, Andrius Buinovskis, Head of Product at NordLayer, discusses how organizations can assess their compliance management and ensure they meet …
Apple releases iOS 18, with security and privacy improvements
Apple has launched iOS 18, the latest significant iteration of the operating system powering its iPhones. Along with many new features and welcome customization options, iOS …
How AI and zero trust are transforming resilience strategies
In this Help Net Security interview, John Hernandez, President and General Manager at Quest Software, shares practical advice for enhancing cybersecurity resilience against …
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific …
Organizations fail to log 44% of cyber attacks, major exposure gaps remain
40% of tested environments allowed attack paths that lead to domain admin access, according to Picus Security. Achieving domain admin access is particularly concerning because …
How CISOs enable ITDR approach through the principle of least privilege
Somewhere, right now, a CISO is in a boardroom making their best case for stronger identity threat detection and response (ITDR) initiatives to lower the risk of intrusion. …
The CISO’s approach to AI: Balancing transformation with trust
As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are …
Overlooked essentials: API security best practices
In this Help Net Security interview, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID …
Risk related to non-human identities: Believe the hype, reject the FUD
The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM