Collaborate Disseminate
Third-party breaches are on the rise. According to a recent report by the Ponemon Institute, over 60% of US companies experienced a data breach caused by one of their third parties in 2018, up from 49% in 2016.
The post Top 5 Ways to Minimiz… Continue reading Top 5 Ways to Minimize the Risk of Third-Party Breaches
In its default settings, uMatrix content blocker allows CSS and images (JPG, PNG, etc) from all sources, unless denied by a site-specific block list. It also allows 1st party cookies, scripts, and multimedia.
How much can a … Continue reading What can a 3rd party learn about a user through only CSS and images?
The SIG, short for “Standardized Information Gathering (Questionnaire)” is a repository of third-party information security and privacy questions, indexed to multiple regulations and control frameworks. SIG is published by a non-profit called Shar… Continue reading What is SIG?
Lately, we’ve seen a lot of news reports about databases inadvertently being exposed on the internet as a result of servers that are not configured correctly. This exposed data can include private information such as insurance records, photo… Continue reading Expert Advice: How to Avoid Misconfigured Servers
Lately, we’ve seen a lot of news reports about databases inadvertently being exposed on the internet as a result of servers that are not configured correctly. This exposed data can include private information such as insurance records, photo… Continue reading Expert Advice: How to Avoid Misconfigured Servers
How secure are your third-party suppliers? And what about their suppliers?
Panorays is focused on third-party security management – that is, the security posture of suppliers, vendors, partners and others doing business with an organization…. Continue reading Fourth-Party Security: Another Level of Security Management
It’s been one year since the General Data Protection Regulation was implemented, and it’s shaken up the way many companies approach data privacy and third-party cybersecurity. We asked Dov Goldman, Panorays’ director of risk and … Continue reading Happy Birthday, GDPR!
Why do so many websites serve JavaScripts from ajax.googleapis.com and other third-party sites? Wouldn’t it be securer for these sites to host these scripts themselves?
Continue reading Why do so many websites use third-party sites for hosting JavaScripts?
I have a B2B web app (and API) called XYZ. I have business customer ABC (and DEF, GHK, etc.), each of which have their own web app with their own distinct users. When a new user of ABC (or DEF, etc.) registers, they also crea… Continue reading Can access tokens be given to a third party app’s end users for a secure read/write process flow?
Earlier this month, Panorays CEO and co-founder Matan Or-El spoke about third-party security at the secureCISO event in New York. Here are some of his remarks:
The post Interview Excerpts: Third-Party Security – Challenges and Solutions appe… Continue reading Interview Excerpts: Third-Party Security β Challenges and Solutions