Is offensive testing the way for enterprises to finally be ahead of adversaries?
The one principle the cyber-security industry is founded on is that defenders are always a step behind the hackers. Solutions are developed (FW, AV and onwards), technologies …
Top cybersecurity threats enterprises will face in 2022
McAfee and FireEye released its 2022 Threat Predictions, examining the top cybersecurity threats they predict enterprises will face in 2022. Bad actors have taken note of …
Despite increased cyber threats, many organizations have no defense plans in place
98% of U.S. executives report that their organizations experienced at least one cyber event in the past year, compared to a slightly lower rate of 84% in non-U.S. executives, …
How to automate configuration review
Configuration management can be challenging. IT teams can become overwhelmed between various standards, compliance requirements, and security options. As the popularity of …
The CISO’s guide to third-party security management
Managing the security of your third parties is crucial, but security assessments are riddled with problems, including a lack of context, scalability and relevance. How can you …
Four key tenets of zero trust security
As cybercrime threatens businesses of all sizes, industries and locations, organizations have realized that the status quo is no longer tenable and that implementing zero …
The fast-expanding world of online proctoring: What cybersecurity industry leaders must know
The blistering post-pandemic pace of digital transformation has put the urgent demand for cybersecurity professionals in the spotlight. Simultaneously, more testing taking …
How to close the cybersecurity workforce gap
(ISC)² released the findings of its 2021 (ISC)² Cybersecurity Workforce Study. The study reveals updated figures for both the Cybersecurity Workforce Estimate and the …
The dangers behind wildcard certificates: What enterprises need to know
With the National Security Agency recently issuing guidance on the risks associated with wildcard TLS certificates and Application Layer Protocols Allowing Cross-Protocol …
Organizations making security trade-offs in the push to innovate
The vast majority of organizations are increasing their investment in application security this year, but they continue to struggle to fully embrace secure innovation. A …
Manual tasks still a barrier to accelerating innovation through DevOps
Dynatrace announced the findings from an independent global survey of 1,300 development and DevOps leaders, which revealed the primary challenges organizations are facing as …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
Featured news
Resources
Don't miss
- Clipping Scripted Sparrow’s wings: Tracking a global phishing ring
- Microsoft 365 users targeted in device code phishing attacks
- More than half of public vulnerabilities bypass leading WAFs
- The soft underbelly of space isn’t in orbit, it’s on the ground
- Privacy risks sit inside the ads that fill your social media feed