The scale of vulnerabilities identified today has made identification a seemingly endless challenge. Traditional management programs tend to adopt an ‘everything is a risk’ approach. This will easily lead to overwhelmed IT teams. IT teams should refine their remediation methods to enrich vulnerabilities with business context, threat intelligence, data science, and machine learning.
Last week, our good friend Raj Umadas, Director of Security at ActBlue, teamed up with our very own Tim Erlin, Head of Product, to talk about the newly proposed NIST Cybersecurity Framework (CSF). It was a fantastic discussion covering the intent behind this update, the major changes from v1.1 to v2.0, and how it applies to API security. Raj and Tim really dug deep into a lot of issues, and answered a lot of questions from the audience.
At CrowdStrike, our mission is to stop breaches. We’re constantly researching and developing new technologies to stay ahead of sophisticated threats and stop adversaries from advancing their attacks. With collaborators like Intel, we’re at the forefront of integrating hardware, software and services to address the current and future challenges of the security professional.
The Internet of Things (IoT) has made a huge impact on our lives, connecting homes, workplaces and cities in ways that was once only seen as futuristic. But this connectedness comes with its own set of security challenges which need to be addressed. Are we doing enough to protect ourselves from potential security vulnerabilities now?
Organizations must stay ahead of the ever-changing landscape of cyber threats and embrace Zero Trust Network Access (ZTNA), a modern approach to network security. With ZTNA, granular access control is enforced along with identity-based authentication for secure and efficient networks that protect valuable assets. Are you ready to experience the benefits offered by this revolutionary zero trust implementation of network access?
Successful AWS migration takes more than simply choosing to migrate. It’s a journey, and you need to be confident in your choice to upend your existing on-premise workflows to align with your business’s future. The fundamental process around a migration strategy includes understanding the benefits of a new system, assessing gaps in your existing system, migration planning, and ultimately the actual migration aspect.
One thing the IT security community should be recognized for is its willingness to share information and solutions. If you’re moving to the cloud — or interested in increasing your applications’ security, take advantage of that.
Dallas Mavericks owner and well-known investor Mark Cuban reportedly lost nearly $900,000 in a phishing attack targeting his MetaMask cryptocurrency wallet. The incident was first flagged by crypto investigator WazzCrypto, who observed unusual transactions linked to a wallet associated with Cuban. This particular wallet had been dormant for about six months before all its funds were suddenly moved.
Welcome to the 9th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API8:2023 Security Misconfiguration. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.
