Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cloud storage services and SaaS apps like Google Drive and Microsoft OneDrive provide convenient, scalable solutions for managing documents, photos, and more—making them indispensable for modern work and personal life. However, misconfigured settings and permissions can lead to serious security breaches, noncompliance, and even the loss of customer trust. Let’s explore the 5 most common misconfiguration issues with real-world examples.

As the number and severity of third-party breaches continues to rise, companies are scrutinizing more closely not just how they handle data, but how their vendors do as well. For security leaders, this means more security reviews are coming across their desk everyday. ‍ Limited resources and legacy processes make it hard for security teams to keep up with the pace of business.

When you think of cybersecurity, your mind likely goes to external threat actors — malware, ransomware, spearphishing attacks, and other malicious activity. However, it’s crucial to note that 60% of data breaches are caused by insider threats, and a staggering 74% of organizations are at least moderately vulnerable to them. It’s not everybody else your organization needs to worry about; it’s your own people.

Observability, especially in the context of cloud-native applications, is important for several reasons. First and foremost is security. By design, cloud-native applications rely on multiple, dynamic, distributed, and highly ephemeral components or microservices, with each microservice operating and scaling independently to deliver the application functionality.

The rapid advancements in large language models (LLMs) have revolutionized how we interact with technology, powering various applications for different use cases. As the adoption of LLM-powered solutions continues to grow, so does the emergence of new and evolving security threats that aim to exploit these robust AI systems.

The Verizon Data Breach Investigations Report is to security what the Vogue September issue is to fashion: a glossy, buzzy publication that guides the industry’s conversations for an entire year.

User and Entity Behavior Analytics (UEBA) is a long-term that essentially refers to a security process that utilizes analytics to identify abnormal network behavior. UEBA takes a proactive approach by scanning the actions of users and entities within a network. It doesn’t just react to threats but also establishes a baseline from which it learns to be more precise and timely, empowering you to stay ahead of potential security breaches!

Building, pre-training, and fine-tuning an AI model is no small task and you’ll naturally want to protect your efforts from theft, denial of service attacks, malicious use, and other threats. In this blog we’ll go over the basics of keeping AI models safe from both legal issues and bad actors.

Since our beginning, CyCognito has integrated AI techniques to power robust and accurate attack surface discovery and testing. And we’re also adding new capabilities all the time. In this post, we’ll share with you some of the tasks that CyCognito’s AI helps power or simplify, along with a primer of the various techniques we leverage.