Automate manual security, risk, and compliance processes in software development

The future of business relies on being digital – but all software deployed needs to be secure and protect privacy. Yet, responsible cybersecurity gets in the way of what any company really wants to do: innovate fast, stay ahead of the competition, and …

March 2020 Patch Tuesday forecast: Let’s put the madness behind us

Did you survive the madness of February 2020 Patch Tuesday and its aftermath? We saw Windows 7 and Server 2008 finally move into extended security support and then Microsoft pulled a rare, standalone Windows 10 security patch following some unexpected …

Your cybersecurity strategy could use some ESP

Embedding cybersecurity into our enterprises remains a difficult problem to solve. Year after year, billions of dollars are spent on building checks and controls, but the rate of attacks and breaches has only accelerated. No one seems to be immune. Sop…

How adaptive trust makes security efficient

Zero trust is a comprehensive security framework that requires everyone—and every service account—to authenticate identity before entering the corporate network. Every app and every device, as well as all the data they contain, must also be verified fo…

Soon, your password will expire permanently

Passwords have been around since ancient times and they now serve as the primary method for authenticating a user during the login process. Individuals are expected to use unique username and password combinations to access dozens of protected resource…

Security operations and the evolving landscape of threat intelligence

In this podcast recorded at RSA Conference 2020, we’re joined by the ThreatQuotient team talking about a threat-centric approach to security operations, the evolution of threat intelligence and the issues surrounding it. Our guests are: Chris Jac…

Kali Linux evolution: What’s next for the open source pentesting Linux distro?

When the popular security-focused BackTrack Linux distribution was redesigned from the ground up and given the name Kali Linux nearly seven years ago, I remember thinking that it was a fantastic name – and fitting, too. I had the vivid image of t…

5 considerations for building a zero trust IT environment

Zero trust isn’t a product or service, and it’s certainly not just a buzzword. Rather, it’s a particular approach to cybersecurity. It means exactly what it says – not “verify, then trust” but “never trust and always verify.” Essentially, zero trust is…

CWE list now includes hardware security weaknesses

The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration (CWE) list, which has been expanded to include hardware security weaknesses. About CWE The Common Weakness Enumeration (CWE) is a category system for weaknesses and vulne…

Flaw affecting 1B+ Wi-Fi-enabled devices allows attackers to decrypt wireless network packets

ESET researchers have discovered Kr00k (CVE-2019-15126), a previously unknown vulnerability in Wi-Fi chips used in many client devices, Wi-Fi access points and routers. Kr00k is a vulnerability that causes the network communication of an affected devic…