Putting the “sec” in DevSecOps: An overall reduction of risk
In this Help Net Security interview, Cindy Blake, Senior Security Evangelist at GitLab, talks about the importance of integrating security in DevSecOps and how to overcome the …
Your supply chain: How and why network security and infrastructure matter
With digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today’s supply chains, cybercriminals have more entry points to …
From fragmented encryption chaos to uniform data protection
Encryption is so critical to enterprise security that it’s almost like air: It’s a necessity, it’s everywhere, and we can’t live without it. On the surface, having encryption …
Securing open-source code supply chains may help prevent the next big cyberattack
The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my …
Why cybersecurity training needs a post-pandemic overhaul
COVID-19 may have ushered in the rise of remote work (either temporarily or permanently) but not all organizations were prepared to manage a fully remote workforce and the …
Guarding against DCSync attacks
Gaining access to domain admin credentials is part of the endgame in many sophisticated attacks where threat actors are trying to maintain persistence. One of the ways that …
Top 5 cybersecurity considerations for file uploads of vaccination records
As vaccination mandates become more common, immunization records are increasingly required across the world. Organizations are turning to the digital space to upload images of …
An introduction to U.S. data compliance laws
Due to technological advances like the rise of cloud storage and social media, there is an increasing concern over privacy — especially when it comes to how businesses collect …
Lack of API visibility undermines basic principle of security
One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack …
How to handle third-party security risk management
In this Help Net Security interview, Demi Ben-Ari, CTO at Panorays, talks about third-party security risk management and the repercussions of a third-party breach. He also …
Bots are lurking in your zombie and shadow APIs
By far this year’s biggest trend that we’ve observed in the land of APIs is that every organization has shadow and zombie APIs and they’re a much bigger issue than most people …
The six most common threats against the device that knows you best
What is the most intimate relationship in your life—aside from your partner, your children or your parents? For many of us, it’s our mobile phone. It’s the last thing we see …
Featured news
Sponsored
Don't miss
- CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
- The rising influence of AI on the 2024 US election
- 10 colleges and universities shaping the future of cybersecurity education
- What is multi-factor authentication (MFA), and why is it important?
- MITRE breached by nation-state threat actor via Ivanti zero-days