access management
RCE vulnerabilities fixed in SolarWinds enterprise solutions
SolarWinds has released updates for Access Rights Manager (ARM) and (Orion) Platform that fix vulnerabilities that could allow attackers to execute code on vulnerable …
How threat actors abuse OAuth apps
OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security …
Demystifying SOC-as-a-Service (SOCaaS)
Threat actors aren’t looking for companies of specific sizes or industries, they are looking for opportunities. Given that many companies operate in the dark and overlook …
How CISOs navigate policies and access across enterprises
In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point, discusses the challenge of balancing data protection with diverse policies, devices, and …
Zero trust implementation: Plan, then execute, one step at a time
82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust …
Beyond blockchain: Strategies for seamless digital asset integration
In this Help Net Security interview, Jean-Philippe Aumasson, CSO at Taurus, emphasizes the often-overlooked complexities of key generation, storage, and distribution, …
Security considerations during layoffs: Advice from an MSSP
Navigating layoffs is complex and difficult for many reasons. Not only do human resources and direct managers bear the onus of responsibility when conducting exit …
CISOs’ crucial role in aligning security goals with enterprise expectations
In this Help Net Security interview, Chris Mixter, Vice President, Analyst at Gartner, discusses the dynamic world of CISOs and how their roles have evolved significantly over …
Preventing insider access from leaking to malicious actors
In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world …
Cloud security predictions for 2024
As we reflect on the cybersecurity landscape and the trajectories of threat vectors, it’s evident that we’re on the cusp of a paradigm shift in cloud security. …
Why you need to extend enterprise IT security to the mainframe
Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the …
Short-term AWS access tokens allow attackers to linger for a longer while
Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them …