In today’s dynamic threat landscape, having different tools to meet unique security requirements helps keep data protected. However, businesses today have 10 to 50+ security tools and consequently spend too much time managing them instead of protecting against cybercrime. This security tool overload creates internal challenges and potentially distracts from the primary business mission.
The underrated threat of domain takeover and hacking a firm’s internal and external attack surface can enable malicious actors to circumvent many advanced website protection mechanisms. However, Detectify Crowdsource hacker Jasmin Landry says that deploying an external attack surface management (EASM) system can help beef up your security before a malicious hacker wreaks havoc on your company. A common aphorism in cybersecurity is that there’s no such thing as perfect security.
With the current global cybersecurity talent shortage just over three million, and the cybersecurity job market continuing to grow (31% in the U.S. by 2029), opportunities are plentiful for anyone interested in a career in cybersecurity. In support of this week’s Cybersecurity Awareness Month theme, “Cybersecurity Career Awareness,” I had an opportunity to speak with Dave Stromberg, ThreatQuotient’s Talent Acquisition Manager.
NIST Cybersecurity Framework (CSF) is a voluntary security framework created through industry, academic, and US government collaboration that aims at reducing cyber risks to critical infrastructure. The framework is a result of the Presidential Executive Order (EO) 13636 that directed NIST to develop a framework in collaboration with the security stakeholders of the economic and National security of the US.
SAML authentication is a must for organisations that want to do federated identity and single sign-on. These applications require both sides of the service or application to use a common set of credentials for identification and authorization. This is an effort to reduce security risks, increase the availability of services through more robust authentication, improve reliability by leveraging existing investments in infrastructure, and improve the end-user experience.
While the mission statement of the Zenity Low-Code Security Blog is to help organizations adopt low-code platforms securely and with confidence, we often find ourselves explaining basic low-code concepts and principles - mostly to those who are not familiar with the day-to-day low-code development process.
I am often asked what has changed and what will need to change most about cybersecurity in the next few years, especially as we come out the other side of a global pandemic that upended all kinds of plans. But let’s start by level-setting: the grand strategy for security—protect data—hasn’t changed. It’s the tactics that have changed, and more importantly, must continue to change.
A new day, a new wave of S3 leaks… Cloud misconfigurations continue to be a major concern for organizations and a constant source of data leaks. A recent report by IBM has revealed that misconfigurations are behind two-thirds of cloud security incidents.
I’ve been working at Tripwire for over two decades, and I’ve acquired a fair bit of swag over those years: branded jackets, hats, shoes, a watch, and of course a drawer full of t-shirts. One thing I never would have predicted owning was a Tripwire-branded face mask to protect me from a global pandemic. Over the past year, I’ve worn that face mask more than any of my other swag. Of course, none of my other swag protected me and others from a highly contagious, deadly virus.
For those in the security space or at C-level, you’ve likely seen a recommendation about how to manage encryption and corresponding keys. Or at least something about encryption needing further consideration. Chances are, if you’re reading this you have at least an interest in the topic and are researching relevant products.
