Digital transformation is creating unpredictable mutations across the attack surface. As a result, some third-party risks have outgrown the discovery mechanisms offered by the hundreds of standard security frameworks currently available. To cater to these growing use cases, UpGuard has introduced custom questionnaires to its industry-leading third-party risk management platform. Custom questionnaires are vendor security questionnaires that you can design yourself.

On May 8th, I was at a gas station filling up my car before a trip I was taking when the news about a cyberattack against a large pipeline company broke. The attack led them to halt all operations. Ultimately, the incident stemmed from a ransomware infection in which a well-known threat actor took volumes of corporate data in just two hours and made their demands including the threat to block and encrypt the company’s network. They even threatened to release the data to the internet.

Hotels across the globe have been subject to massive data breaches and widespread loyalty fraud over recent years. Competitive bookings have become a prime target for cybercriminals who take advantage of look-to-book ratios and the vast amounts of data held by hotel chains to execute loyalty program abuse. But as severe travel restrictions came into play and bookings ground to a halt, hotels became almost redundant for 12 months of the pandemic.

The great Ricky Bobby from Talladega Nights once said, “If you ain’t first, you’re last.” Whether we’re talking about a NASCAR race or responding to a security alert, being able to quickly discover attacks and adversaries and respond rapidly is critically important to reducing risks and managing threats to your organization. How do we suggest you do that? With a SOAR (Security Orchestration Automation & Response) tool.

2020 is the year that remote working exploded. Businesses and the general public had to quickly adapt to new ways of working caused by the pandemic. There was suddenly a heightened awareness of cyber security and its importance. The need for further education on cyber security highlights the important work Sentrium carries out every day. Sentrium’s commitment and passion for providing best-practice cyber security support helps businesses to gain assurance in the security of their assets.

While the world is still more familiar with physical IDs (which may then be linked to online government records), it continues to be inadequate today, as they can be easily manipulated or purchased illegally. IDENTITY –still on a piece of paper? This needs another thought, in a world where hard copies are going obsolete. Hence, governments of different countries have taken up new projects to build a 100% secure and digitized identity by levelling up their existing systems.

DLP security strategies, benefits explained The threat landscape is a constantly evolving challenge for enterprise security professionals – the number of cyberattacks is continuing to rise, data exfiltration is now included in 70% of ransomware attacks, and insiders are responsible for 30% of all data breaches. As a result, enterprises are constantly looking for ways to reduce the risk of sensitive data being leaked outside the company.

STOCKHOLM, SWEDEN – the Detectify Security Research team announced the general availability of Ugly Duckling, a stand-alone application security tool specifically tailored for ethical hackers to make it easier for them to share their latest findings. This new open-source scanner was developed with the Detectify Crowdsource community hackers in mind, and it is available for any security enthusiasts to tinker with as well.

In November 2019, just after Styra raised $14 million in our Series A funding round, I wrote that the market’s move away from monolithic apps and adoption of containerized cloud-native application architectures was going to provide “a substantial market opportunity for policy and authorization to evolve.” A lot has happened since I wrote that, and I’m happy to report that while our Series A round showed the market opportunity, our latest round of funding proves the validity of t

Our phones know a lot about us, so it’s important we can trust them. After discovering and then publishing our findings on SourMint — the malicious iOS ad SDK — the Snyk Security Team decided to dig deeper in the Android ecosystem. To do so, we leveraged Snyk Code to analyze and search for vulnerabilities in applications uploaded to the Google Play store.