Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Learn how Bitsight Third-Party Vulnerability Detection empowers third-party risk professionals to find and remediate threats - including major security events - more quickly within their vendor portfolio. Identify exposure and mitigate risk more easily with critical insights into the impact on your organization’s third parties.

Learn how BitSight for Fourth-Party Risk Management, helps you uncover deep insights into the most crucial and concentrated risk in your extended vendor network so you can proactively manage and remediate risk. With our latest enhancements, you can address concentrated risk within your extended vendor network in a more scalable and efficient way.

MITRE ATT&CK is, in both depth and breadth, the most extensive attack knowledge base, providing suggested mitigation techniques, detection procedures, and other relevant technical information. MITRE has expanded the Kill Chain to include a wide variety of tactics that are then supported by specific techniques. This organized approach enables FSIs to select and analyze attacks methodically and compare them to the capabilities of internal security controls to understand the gaps.

FSIs face a myriad of challenges, and the impact has resulted in a 1,318% increase in ransomware attacks in 2021. Given the increasing sophistication of these attacks, there is a growing need for FSI’s to understand their level of risk and to implement a proactive approach to defending themselves.

As FSIs adopt new technologies to increase business efficiencies and drive new business, they are now operating with new applications, devices, and infrastructure. This not only increases their attack surface, but also the level of risk to their company and customers. But, traditional scanning and testing technologies struggle in a multi-cloud world. In this session, SafeBreach CISO Avishai Avivi will discuss how you can cut through the noise and simplify the testing of cloud controls.

FSIs often have some of the most comprehensive and mature security controls across all industry sectors, but the rewards are high for criminals who seek to gain direct access to their network and valued customer data. As FSIs update their IT and security technology and programs, managing the growing attack surface will continue to become more complex and dispersed. In this session, SafeBreach Director of Research Tomer Bar will share how attacks are conducted, which APT group have been the most active, and what risks they pose to FSI’s.

In this presentation for HashiTalks: Deploy, 1Password Sr. Software Engineer Jillian Morgan digs into using 1Password CLI to manage secrets in a Terraform workflow.

Unfortunately a novel technique has been developed by Or Yair, a security researcher to weaponize the file deletion functionality of most enterprise quality EDR solutions to include SentinelOne and Microsoft. If you're running or you support small business that runs F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras be on the lookout for a Go-based malware named Zerobot in the wild.

With CI Fuzz CLI, Java, developers can integrate fuzz tests into their unit testing setups (e.g. JUnit). In this video, Josh demos how easy this can be done in Gradle.

To help organizations enhance Palo Alto Networks security solutions, Devo provides the Devo 360 for Palo Alto application, where cloud-native logging and security analytics meets Palo Alto Networks firewall technology.