Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2022

What is the difference between a vendor and a third party vendor?

A manufacturing organisation providing direct goods and services is known as a vendor. If the same services and products are provided on behalf of a direct vendor, they are known as third-party vendors. Third-party vendors always have a direct written contract, but not each vendor and organisation works with contracts. The definition of an entity as a third-party vendor depends on the organisation hiring its services.

What is ePHI? A Guide to electronic Protected Health Information (ePHI)

ePHI stands for electronic protected health information. Electronic protected health information is protected under the Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA. ePHI security is governed by the HIPAA Security Rule. With the rise of telehealth, covered entities need to understand the requirements for safely transmitting, storing, and using ePHI to be compliant with the Security Rule and to protect a patient’s privacy.

Rezilion Researchers Find 85% of Vulnerabilities Pose No Risk

The number of newly discovered software vulnerabilities is constantly on the rise, and organizations are struggling to keep up with patching efforts. This is leading to a growing vulnerability backlog and slowing down development and the release of new products. But this growing backlog and the stress it causes is unacceptable. There’s a new way to manage vulnerabilities.

Are your Apple devices safe from the latest vulnerabilities?

Apple has recently released OS updates for multiple operating systems, addressing known and exploited security vulnerabilities along with previously unknown ones. During the past week, various data security organizations like the US Cybersecurity and Infrastructure Security Agency and Indian Computer Emergency Response Team have issued warnings asking users to install the latest updates on their Apple devices as soon as possible to avoid possible exploitation of devices and device data.

Hunting a Global Telecommunications Threat: DecisiveArchitect and Its Custom Implant JustForFun

The security landscape is constantly developing to provide easier ways to establish endpoint visibility across networks through the use of endpoint detection and response (EDR) utilities. However, certain challenges still remain, particularly as a result of many organizations' need for systems running legacy or proprietary operating systems, such as Solaris. If such systems are not adequately protected using other security controls or unless they can only be accessed by systems with appropriate endpoint-based detection/prevention capabilities, this can cause a gap in visibility for an organization that an adversary could abuse.

Jira Integration Demo with UpGuard's Product Marketing Manager, Annie Luu

Hear from UpGuard's Product Marketing Manager, Annie Luu, as she introduces you to UpGuard's new Jira Integration feature. UpGuard's Jira integration plugs directly into your workflow management, giving you the flexibility to present only the information you want to the relevant people to address security risks promptly. =========== CHAPTERS:=========== Interested in finding out more about UpGuard?

Vendor Portfolios Demo with UpGuard's Product Marketing Lead, Harsh Budholiya

Learn from UpGuard's Product Marketing Lead, Harsh Budholiya, as he introduces you to UpGuard's new Vendor Portfolios feature. Vendor portfolios provide security teams greater control over user permissions by giving them the ability to define access to all or selected portfolios for each user on the platform based on their role in the organization.

Remediation Requests within RIsk Assessments Demo with Senior Product Manager, Chris Schubert

Hear from UpGuard's Senior Product Manager, Chris Schubert, as he introduces you to UpGuard's new Remediation Requests within Risk Assessments feature. You can now also send remediation requests from within risk assessments, enabling you to track the progress of each item under remediation and have a record of the remediation request embedded directly into the point-in-time risk assessment.

Netwrix Password Reset

Netwrix Password Reset is an Active Directory password reset tool that enables users to securely reset or change their own passwords and unlock their accounts from any web browser, desktop or mobile device — without calling the help desk. Are password-related tickets driving up your IT helpdesk costs? Do lockouts and password management headaches frustrate your users and disrupt vital business processes? A self-service password reset tool can solve these problems, but you might be worried that it could increase the risk of attackers slipping into your network.

4 Database Access-Control Methods to Automate

Regardless of which role a person has in an organization, they will always need access to one or more databases to be able to perform the functions of their job. Whether that person is a cashier at McDonald’s or a technical account manager supporting a Fortune 500 company, data entry and retrieval is core to the services they provide.