Please turn on your JavaScript for this page to function normally.
supply chain
Integrating software supply chain security in DevSecOps CI/CD pipelines

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, …

brain
Released: AI security guidelines backed by 18 countries

The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as …

Guy Guzner
AI threat landscape: Model theft and inference attacks emerge as top concerns

Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on …

mask
US warns of North Korean hackers posing as IT freelancers

Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the US Department of …

ship
Navigating the waters of maritime cybersecurity

In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government …

IoT
Guide: Security measures for IoT product development

The European Union Agency for Cybersecurity (ENISA) released its Guidelines for Securing the IoT, which covers the entire IoT supply chain – hardware, software and services. …

bot
In the era of AI, standards are falling behind

According to a recent study, only a minority of software developers are actually working in a software development company. This means that nowadays literally every company …

measure
FIRST releases updated coordination principles for Multi-Party Vulnerability Coordination and Disclosure

The Forum of Incident Response and Security Teams (FIRST) has released an updated set of coordination principles – Guidelines for Multi-Party Vulnerability Coordination and …

alert
How to gather cyber threat intelligence from dark markets without breaking US law

The U.S. Department of Justice’s Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, …

healthcare
ENISA publishes procurement guidelines for cybersecurity in hospitals

The EU Agency for Cybersecurity (ENISA) published a cybersecurity procurement guide for hospitals. The hospital is a vast ecosystem comprised of an entire network of devices, …

roads
Guidelines for assessing ISPs’ security measures in the context of net neutrality

According to the EU’s net neutrality regulation, called the Open Internet Regulation, which came into force in 2016, internet providers should treat all internet traffic to …

read
US DOJ publishes guidelines for setting up a vulnerability disclosure program

Instituting a vulnerability disclosure program (aka bug bounty program) that won’t blow up in the organization’s face can be a daunting task. Some will prefer to …

Don't miss

Cybersecurity news