Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this video, we examine two significant API security failures, each with devastating consequences. The first breach used a simple trial-and-error method, exploiting broken access control to impact 10 million users. In the Dell example, API abuse exploited a lack of validation and rate limiting, allowing an attacker, posing as a partner, to scrape 49 million records over several weeks. These cases highlight the importance of robust API security practices, especially for business processes and access control. Watch to learn key takeaways on protecting APIs from similar attacks.

Curious to know what's new with Torq? Watch this video to learn what the latest updates are to the Torq Hyperautomation platform. Chapters.

Watch this week's Defender Fridays with John Tuckner, Founder of Secure Annex, as we explore browser extensions and the risks they pose to your organization. Learn, share, and grow alongside industry experts in information security.

Watch the full video for more...

We’ll connect the dots for your security, you worry about taking care of your clients.

* Explore some of the top use cases for which our on-demand CRQ platform is utilized, walking through the specific features and how to leverage them for each of the use cases. These use cases include high-level communication and board reporting, insurance optimization, budgeting, and additional resource justification.

On June 15, 2024, half a year after the SEC's cybersecurity regulations were enacted, smaller organizations—those with a public float under $250 million or annual revenue under $100 million—were finally subject to report material cyber events on Form 8-K, Line 1.05. However, as the larger entities have already demonstrated, determining materiality can be complex, requiring stakeholders to consider financial loss, compromised data records, operational impacts, and more.

In this video, we cover strengthening password security, the first layer of defense.

Are layoffs increasing your cybersecurity risk and driving your team to burnout? This episode looks into the psychological underpinnings of infosec to navigate turbulent times at work.

Justin Bollinger, Principal Security Consultant at TrustedSec, discussed his research and mitigation guidance on ADCS ESC15 (CVE-2024-49019), also known as EKUwu, a vulnerability in Microsoft's Active Directory Certificate Services.