Does AI remediation spell the end for developers in 2024?

Big tech firms are already rolling out AI remediation tools to prevent developers from introducing security risks into the software development lifecycle (SDLC). In this Help Net Security video, Matias Madou, CTO at Secure Code Warrior, discusses how A…

The effect of omission bias on vulnerability management

Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnera…

Vulnerability disclosure: Legal risks and ethical considerations for researchers

In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity. Zhang explores the intricate balancing act that researchers must p…

How to go from collecting risk data to actually reducing risk?

Organizations trying to cope with securing their expanding attack surfaces eventually find themselves at a crossroads: they need to move beyond finding risks to effectively mitigating risk. Making that transition starts with a shift from using “r…

Keeping up with the demands of the cyber insurance market

Cyber insurance has been around longer than most of us think. When American International Group (AIG) launched the first cyber insurance policy in 1997, it stepped into completely unknown territory to gain market share. Now, 26 years later, cyber insur…

Why zero trust delivers even more resilience than you think

Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable trend than as a mere option on the security menu. At the same time, however, it…

Tackling cyber risks head-on using security questionnaires

In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fo…

Despite rising insider risk costs, budgets are being wasted in the wrong places

The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The average annual cost of an insider risk has increased to $16.2 million – a 40…

Security concerns and outages elevate observability from IT niche to business essential

Enterprises that leverage observability increase operational efficiency and grow revenue, according to SolarWinds. The report explores how enterprises can act proactively to maximise the advantages of their observability solutions, integrate best pract…

The blueprint for a highly effective EASM solution

In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits that organizations can derive from implementing external attack surface management (EASM) solutions, the essential capabilities an EASM solution should possess, …