Your supply chain: How and why network security and infrastructure matter

With digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today’s supply chains, cybercriminals have more entry points to networks and access to data than ever before. In the past year alone, cyberattacks o…

From fragmented encryption chaos to uniform data protection

Encryption is so critical to enterprise security that it’s almost like air: It’s a necessity, it’s everywhere, and we can’t live without it. On the surface, having encryption everywhere seems like a great idea. However, in many ways the drive to achiev…

Securing open-source code supply chains may help prevent the next big cyberattack

The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my software supply chain secure?” After months of analysis, we know that many (som…

Why cybersecurity training needs a post-pandemic overhaul

COVID-19 may have ushered in the rise of remote work (either temporarily or permanently) but not all organizations were prepared to manage a fully remote workforce and the cybersecurity challenges that come with it. Protecting information assets agains…

Guarding against DCSync attacks

Gaining access to domain admin credentials is part of the endgame in many sophisticated attacks where threat actors are trying to maintain persistence. One of the ways that adversaries accomplish this is through DCSync attacks. What is a DCSync attack?…

Top 5 cybersecurity considerations for file uploads of vaccination records

As vaccination mandates become more common, immunization records are increasingly required across the world. Organizations are turning to the digital space to upload images of COVID-19 record cards as electronic proof of vaccination. Having a web appli…

An introduction to U.S. data compliance laws

Due to technological advances like the rise of cloud storage and social media, there is an increasing concern over privacy — especially when it comes to how businesses collect and use customer data. While the U.S. does not presently have an all-encompa…

Lack of API visibility undermines basic principle of security

One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack surface and valuable resources. Various technical challenges have come to bear ov…

How to handle third-party security risk management

In this Help Net Security interview, Demi Ben-Ari, CTO at Panorays, talks about third-party security risk management and the repercussions of a third-party breach. He also discusses the Panorays platform that automates, accelerates and scales customers…

Bots are lurking in your zombie and shadow APIs

By far this year’s biggest trend that we’ve observed in the land of APIs is that every organization has shadow and zombie APIs and they’re a much bigger issue than most people want to believe. Maybe they’re taking the “If I’ve never seen it, then it do…