Password Dependency: How to Break the Cycle

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the password dependency cycle. But how can this be done?

The post Password Dependency: How to Break the Cycle appeared first on SecurityWeek.

NSA Publishes Security Guidance for Organizations Transitioning to IPv6

The National Security Agency (NSA) has published guidance to help the Department of Defense (DoD) and other system administrators identify and mitigate cyber risks associated with transitioning to Internet Protocol version 6 (IPv6).

Majority of GAO’s Cybersecurity Recommendations Not Implemented by Federal Agencies

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December 2022, the US Government Accountability Office (GAO) says in a new report.

Chainguard Trains Spotlight on SBOM Quality Problem

Software engineers tracking the quality of software bill of materials have stumbled on a startling discovery: Barely 1% of all SBOMs being generated today meets the “minimum elements” defined by the U.S. government.

Netwrix Acquires Remediant for PAM Technology

Data security software vendor Netwrix has acquired Remediant, an early-stage startup working on technology in the PAM (privileged access management) category.
Financial terms of the acquisition were not disclosed. 

Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the flaw in the wild.

Project Zero Flags ‘Patch Gap’ Problems on Android

Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices.

Palo Alto to Acquire Israeli Software Supply Chain Startup

Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that adds software supply chain security capabilities to its Prisma Cloud platform.