Shadow IT: Security policies may be a problem
3 out of 4 workers use personal (and often unmanaged) phones and laptops for work and nearly half of companies let unmanaged devices access protected resources, a recent …
What AppSec and developers working in cloud-native environments need to know
All enterprise organizations are, in essence, software publishers, regardless of their industry. This is because every enterprise relies on custom software applications for …
18 free Microsoft Azure cybersecurity resources you should check out
Far exceeding a traditional public cloud platform, Azure is a comprehensive suite of over 200 products and cloud services engineered to solve current challenges and pave the …
Rising OT/ICS cybersecurity incidents reveal alarming trend
60% of cyberattacks against the industrial sector are led by state-affiliated actors and often unintentionally enabled by internal personnel (about 33% of the time), according …
Security concerns and outages elevate observability from IT niche to business essential
Enterprises that leverage observability increase operational efficiency and grow revenue, according to SolarWinds. The report explores how enterprises can act proactively to …
Strong compliance management is crucial for fintech-bank partnerships
72% of banks and credit unions are prioritizing compliance when evaluating fintechs, citing it as their top criteria in the due diligence process, according to Ncontracts. As …
Never use your master password as a password on other accounts
One in three Americans now use password managers, up from one in five in 2022, according to an online poll by Security.org that quizzed 1,051 American adults on how they use …
An inside look at NetSPI’s impressive Breach and Attack Simulation platform
In this Help Net Security interview, Scott Sutherland, VP of Research at NetSPI, delves into the intricacies of their Breach and Attack Simulation (BAS) platform and discusses …
LLM Guard: Open-source toolkit for securing Large Language Models
LLM Guard is a toolkit designed to fortify the security of Large Language Models (LLMs). It is designed for easy integration and deployment in production environments. It …
Companies still don’t know how to handle generative AI risks
Energized by the hype around generative AI, enterprises are aggressively pursuing practical applications of this new technology while remaining cautious about the risks, …
Organizations are racing against time to meet the PCI DSS 4.0 deadline
Payment data security concerns remain widespread as organizations undertake significant lift to meet the PCI DSS 4.0 deadline, according to Bluefin. 94% of survey respondents …
Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676)
Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows …