One of the lesser-known but extremely important roles the Trustwave Fusion portal, known as the Fusion Security Testing Suite (STS) plays is as a conduit for our clients when running a penetration testing program.

On Wednesday, July 20, 2022, Cisco disclosed a critical severity vulnerability – CVE-2022-20857 – impacting Cisco Nexus Dashboard, an integrated dashboard used for visibility and provisioning data center and cloud network infrastructure. If successfully exploited, the vulnerability could allow an unauthenticated, remote threat actor to execute arbitrary commands as the root user in any pod on a node.

After the introduction of security service edge (SSE) with the February 2022 release of the Gartner Magic Quadrant for SSE, organizations may be wondering how they should choose an SSE vendor from the many profiled in the Gartner report. Interestingly enough during this year’s Gartner Security and Risk Management Summit in June 2022,

There are many types of solutions available to organizations that seek to secure their data in the cloud. From cloud DLP to Cloud Access Security Brokers (CASBs) to Cloud Workload Protection Platforms (CWPPs). But, how can you tell which approach to cloud security is right for your business? In this guide, we’ll compare two popular cloud security solutions: Prisma Cloud, a CNSP, to Nightfall, a cloud DLP solution, to help shed some light on the differences between these two approaches.

Deadlines! When we don’t have a structured path to take care of tasks, it’s difficult to get things done to the best of your ability with many competing priorities. This is something that plagues us all, and if you’ve got it under control, we’d like to hear your recipe for success!

Since working on a spreadsheet, you and your team have come a long way. You’re enjoying the ease of working in TrustOps because it automates control mapping, test creation, and evidence workflows. However, you’re looking for ways to save a bit more time, so you can focus on your day job and growing list of priorities. Collecting evidence to validate compliance controls takes time and affects HR, IT, DevOps, and the rest of your team’s productivity.

Security has become increasingly integrated with software development over the last few years, and the software industry needed a new role to own secure software development processes. As a result, DevSecOps Engineer role has emerged and gained popularity in the last decade. DevSecOps is the abbreviation of three words; Development, security, and operations, and it aims to develop applications more securely in the software development life cycle (SDLC).

Have you looked into some of the most well-known Active Directory (AD) attacks from around the world? Do you understand the nuances of these popular attacks and can you put the AD fundamentals you learned in the earlier parts of this blog series to good use?

Smartphones have become a central part of our lives, surpassing the popularity of desktops and laptops. That's why brands and companies these days need to take on a mobile approach when designing and creating applications. Why? Because an overwhelming number of mobile users spend their time these days on mobile apps. Therefore, it's crucial to consider the security of your mobile app. That way, all your sensitive data is safe and secure.

One of the most challenging elements of cybersecurity is knowing what’s to come. While none of us have an IT crystal ball (unfortunately), we can make educated guesses based on the evidence around us. One thing that is for sure, though, is that cybercriminals are more of a threat than ever. According to the FBI’s Internet Crime Report from last year, a record 847,376 cybercrime complaints were reported by the public in 2021 – a 7% rise from the previous year.