Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In a time where cyber threats evolve as swiftly as the technologies they target, organizations need a strategic approach to rise above the noise while effectively reducing risk. Enter Continuous Threat Exposure Management (CTEM) — a paradigm-shift in cybersecurity introduced by Gartner. In this article, we compare and contrast CTEM with a closely related, traditional approach – vulnerability management – and discuss practical ways to apply CTEM in your organization.

With Teleport 15.2, we’ve added a preview for Teleport Workload Identity. Teleport Workload Identity lets teams bootstrap and issue identities to services across heterogeneous environments and organizational boundaries. A core value of Teleport comes from having a central access platform, and we believe that humans and machine access need to join and access using the same zero-trust best practices.

If you spend quite a bit of time in the command line, working with Docker images and containers locally to build and test them, you might be in the mood for some power-user Docker commands. We're skipping the basics and diving straight into the lesser-known yet highly effective commands that can significantly improve your Docker experience.

JumpCloud’s MSP partners are at the forefront of providing essential IT services to small and medium-sized businesses globally. In our interview series, we delve into conversations with these partners, exploring the dynamics of their MSPs and how JumpCloud plays a pivotal role in their operations. In today’s feature, we had the opportunity to speak with Chris Notley of FIFUM.

The internet has become an indispensable part of daily work, enabling greater flexibility, productivity, and communication. However, connecting to the internet introduces new challenges, particularly in terms of security. With cyber threats evolving constantly, organizations face the daunting task of protecting their users and network from a multitude of risks, including phishing websites, malware downloads, and access to sites that violate acceptable use policies.

In a new threat briefing, Forescout Research – Vedere Labs details an exploitation campaign targeting organizations running Fortinet’s FortiClient EMS which is vulnerable to CVE-2023-48788. We are designating this campaign Connect:fun because of the use of ScreenConnect and Powerfun as post-exploitation tools – our first-ever named campaign.

In this article we’ll discuss DSPM and DFPM, their similarities and differences, and the value that each one brings.

Cyber threats are constantly evolving and becoming increasingly sophisticated, and organizations are continuously searching for ways to fortify their cybersecurity defenses. One approach that has gained significant traction is hyperautomation. Hyperautomation, which automates once-manual security workflows and processes, enhances cybersecurity posture, streamlines security operations, and effectively mitigates risks.

On April 11, 2024, CISA issued an cybersecurity advisory disclosing a compromise of customer data from Sisense. The previous day, cybersecurity journalist Brian Krebs had published an email sent to Sisense customers by the company’s CISO. The specific details of the compromise have not been made public at this time. Furthermore, Arctic Wolf has not observed any malicious activities conducted by threat actors using compromised credentials from Sisense.

The EU Cyber Resilience Act (CRA) is a major piece of cyber legislation passed in 2024 in the European Union (EU) that regulates cybersecurity for digital products and services. The EU Cyber Resilience Act directly complements the NIS2 Directive, which regulates risk management and incident reporting across the European market.