Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Nucleus Security co-founder and COO, Scott Kuffer, joined the Risky Biz News Podcast with host Catalin Cimpanu, for a discussion around trends Nucleus is observing when it comes to vulnerability management and how service level agreements (SLAs) have become a sign of an organization’s security health. In the podcast, Scott and Catalin discuss major trends of high performing vulnerability management programs for organizations using Nucleus’ platform, including.

How many times can we say, “It’s been a busy week for the security industry,” before it becomes cliche? We recently discussed changes in the SIEM market, with mergers and acquisitions disrupting the traditional SIEM vendor landscape and XDR vendors introducing new SIEM solutions. This week, we continue to see a range of mixed messages from the market around the future of XDR and SIEM.

According to the IBM Global AI Adoption Report, 82% of companies have already adopted or are exploring artificial intelligence (AI) solutions. However, with the rapid development of diverse AI-powered products and services, there’s been a growing need to establish regulatory frameworks for adopting AI responsibly. ‍

Here at Ignyte, we’ve talked a lot about FedRAMP, the Federal Risk and Authorization Management Program. As you likely well know, FedRAMP is the federal government’s unified security standard, derived from NIST standardization documents and transformed into a framework to provide a cohesive idea of security across disparate government organizations and contractors. You might wonder, how does this work with state-level agencies and departments?

Summer 2024 is about to heat up, and you know what that means. Sun, sand, and surf? Don’t forget to pack your swimsuit and sunscreen! Snow cones, strawberries, and s’mores? Mmmm, yes, please! Sightseeing, stargazing, and … scams? Oh my! Oops. Sorry for ending on such a bummer. But summer isn’t all fun and games and, unfortunately, scamming is on the rise. In 2023 alone, scams cost people more than $10 billion.

In the dynamic world of cybersecurity, creating an effective offensive security program is paramount for organizations seeking to proactively identify and mitigate potential threats. An offensive security program encompasses a suite of strategic components designed to test and strengthen an organization's defenses. An effective offensive security program includes various components, such as penetration testing, red/purple teaming, managed vulnerability scanning, and bug bounty programs, to name a few.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers an alleged data breach at Ticketmaster, a cyberattack on Synnovis affecting London hospitals, and a data breach disclosed by the BBC. The full reports are available to CYMON users. Request access here.

NIST has announced that it has filled the funding gap for the National Vulnerability Database (NVD) and hired a contractor to return it to its previous underwhelming state. What does that mean for us? Basically, The NVD is off life support, but we wouldn’t say it’s healthy. It’s more like “undead”.

APIs are crucial for modern digital businesses because they allow different software systems to communicate and exchange data seamlessly and they are foundational to how modern applications are built. However, they are also vulnerable to cyberattacks because they are widely used. To address this growing threat, organizations are increasingly turning to API protection solutions to protect their valuable data and ensure uninterrupted business operations.