Security testing allows you to evaluate the robustness of applications and systems and identify potential weaknesses that attackers may exploit. DAST and fuzzing are two popular, important, and proven security testing methods.

In the ever-evolving landscape of cybersecurity threats, the recent breach by the notorious hacker group R00TK1T serves as a stark reminder of the vulnerabilities faced by even the most established organizations. As the Foresight Threat Team delves into the details of this alarming incident, it becomes imperative to shed light on the implications and lessons to be learned from this breach.

Software Composition Analysis (SCA) is the practice of identifying the open source libraries your code depends on. By using SCA, you can analyze these dependencies and determine whether they are affected by any known vulnerabilities, contain malicious code, introduce licensing risk, or are poorly maintained. SCA helps teams understand their software’s dependencies and the security implications of using them so that they can safely build on and innovate with open source code.

Endpoint detection and response (EDR) solutions have become a key component of many enterprise endpoint security strategies, resulting in a forecasted market value close to $17 billion by 2030. This is due in no small part to the increase in remote work following the COVID-19 pandemic, the resulting bring-your-own-device (BYOD) trend in which employees use personal devices for work-related activities, and the constant evolution of cyber threats.

In large-scale SD-WAN deployments, both enterprises and Managed Security Service Providers (MSSPs) place a high priority on ensuring that SD-WAN CPEs seamlessly integrate with the nearest Netskope NewEdge Network Point of Presence (PoP). Automating this integration process is crucial as it not only saves considerable time but also boosts business agility.

The following is adapted from a conversation between Torq and Robbie Jakob-Whitworth, Cybersecurity Solutions Architect at Next DLP. Next DLP is a leading provider of insider risk and data protection solutions. Read on to learn how Robbie has used Torq Hyperautomation to automate alerts and reduce alert fatigue within his organization.

Montana Governor Greg Gianforte signed Senate Bill 384, the Montana Consumer Data Privacy Act (MTCDPA), on May 19, 2023. The consumer privacy law will become effective on October 1, 2024, and requires covered entities that process personal data to comply with several transparency and disclosure obligations. The MTCDPA follows the structure and scope of other US state data privacy laws, including the California Consumer Privacy Act, Tennessee Information Protection Act, and Colorado Privacy Act.

The cybercriminal threat actor FIN7 is launching spear phishing attacks against the automotive industry in the United States, according to researchers at BlackBerry. The threat actor identifies IT employees at automotive companies and attempts to trick them into downloading a Trojanized version of a free IP scanning tool. FIN7 is a Russia-based financially motivated threat actor that carries out a variety of cybercrime activities, including ransomware attacks.

Tennessee Governor Bill Lee passed the Tennessee Information Protection Act (TIPA) on May 11, 2023. TIPA becomes effective on July 1, 2025, and groups Tennessee with California, Colorado, Virginia, and other states that have published their own data privacy law while waiting for a comprehensive federal law from the U.S. Government.