cybersecurity
Make sure you keep an eye on your APIs
Application programming interfaces have always been important gateways to our applications, but in recent years, they’ve silently become both more prevalent and more central …
Moving away from spreadsheets: How to automate your third-party risk management process
Spreadsheets are dumb. Okay, it’s not that spreadsheets are dumb, or that the people who use them are dumb. That’s not at all what I’m saying. What’s dumb is using …
Kubernetes security matures: Inside the project’s first audit
Auditing 1.5 million lines of code is a heroic undertaking. With resources provided by the Cloud Native Computing Foundation (CNCF), the Kubernetes Project leadership created …
Security flaw could turn load balancers into beachheads for cyber attacks
Cyber security provider F-Secure is advising organizations using F5 Networks’ BIG-IP load balancer, which is popular amongst governments, banks, and other large corporations, …
Which are the most capable breach prevention systems?
NSS Labs released its Analysis of Breach Prevention Systems (BPS) – solution suites, involving endpoint, network, sandbox, cloud, and other integrated protections. …
What’s cybercriminals’ most effective weapon in a ransomware attack?
Cybercriminals’ most effective weapon in a ransomware attack is the network itself, which enables the malicious encryption of shared files on network servers, especially files …
Embracing the cloud and meeting its security demands
If you want to build a career in information security, there’s no shortage of diverse roles you can aim for. Whether you’ll end up doing that or something else …
Prevent lateral attacks inside the data center with a defense-in-depth hardware layer
IT departments tend to be concerned primarily with cybersecurity attacks that originate from outside the enterprise, known as a “north-south” attacks. This often leaves them …
Online skimming: An emerging threat that requires urgent awareness and attention
A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, …
Security orchestration and automation checklist: How to choose the right vendor
Faced up against the well-chronicled global skills shortage, the ceaseless bombardment of security alerts and the hodgepodge of security tools unable to communicate with each …
FSI organizations are failing to assess their software for security vulnerabilities before release
More than half of organizations have experienced theft of sensitive customer data or system failure and downtime because of insecure software or technology, a Synopsys report …
The persistent struggle to improve SOC productivity reveals the need for newer SIEM technologies
On average, security personnel in U.S. enterprises waste approximately 25 percent of their time chasing false positives because security alerts or indicators of compromise …
Featured news
Resources
Don't miss
- What a future without CVEs means for cyber defense
- What it really takes to build a resilient cyber program
- How cybercriminals exploit psychological triggers in social engineering attacks
- Key tips to stay safe from deepfake and AI threats
- UK retailers under cyber attack: Co-op member data compromised