Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Risk Management

SecurityScorecard

Supply Chain Cybersecurity: Ensuring the Security of the Digital Ecosystem

Nov 28, 2023 By SecurityScorecard In SecurityScorecard

The digital ecosystem is an intricate web of interconnected technologies and processes. Within this network, supply chain cybersecurity has emerged as a critical component to safeguard against the growing threat landscape. As supply chains become increasingly digital, they also become more vulnerable to cyber attacks that can disrupt operations and compromise sensitive data.

Read Post

The Rise In Vulnerability Disclosure, Exploitation and Threat Intelligence

Nov 28, 2023 By Nucleus In Nucleus
Patrick Garrity, Security Researcher at Nucleus Security, discusses the rise of vulnerabilities exploitation and threat intelligence in the field of vulnerability management. He highlights the history of vulnerability management, the increase in vulnerabilities and exploitation, the limitations of the common vulnerability scoring system (CVSS), and the emergence of vulnerability threat intelligence. Patrick also emphasizes the importance of open-source intelligence, such as CISA's Known Exploited Vulnerabilities (KEV) List and the Exploit Prediction Scoring System (EPSS), as well as the value of commercial threat intelligence.
View Video
datadog

Easily identify and prioritize your top security risks with Datadog Security Inbox

Nov 27, 2023 By Lucas Masson In Datadog

In today’s complex cloud environments, security and engineering teams need to manage vulnerabilities and misconfigurations across multiple layers of the stack, including cloud resources, clusters, containers, and applications. Often, this results in a lengthy list of problems that lacks prioritization and is daunting for users to address.

Read Post
synopsys

Consolidate insight to enhance risk management

Nov 27, 2023 By Shandra Gemmiti In Synopsys
As the digital revolution has unfolded, the dramatic increase in the amount of code written, borrowed, and bought means that the attack surface has also increased dramatically. Software proliferation creates challenges for teams that must keep up with innovation while also securing their software.
Read Post
veracode

Top 5 Open Source Security Risks IT Leaders Must Know

Nov 27, 2023 By Natalie Tischler In Veracode

Lurking in the open source software (OSS) that pervades applications around the world are open source security risks technology leaders must be aware of. Software is one of technology’s most vulnerable subsets with over 70% of applications containing security flaws. Here are the open source security risks IT leaders must be aware of to protect technology and help it scale safely.

Read Post
riskoptics

Navigating the Waters of Change: A Risk Expert's Roadmap for NYDFS Cybersecurity Regulation Compliance

Nov 27, 2023 By RiskOptics In RiskOptics
In the fast-paced world of cybersecurity, change is not only constant but crucial. The New York Department of Financial Services (NY-DFS) demonstrated that principle on Nov. 1, 2023, when it completed a sweeping set of updates to its cybersecurity regulation. If you find yourself apprehensive about these changes, fret not — I’m here to guide you through the process and to provide a comprehensive plan for successfully meeting the new regulations.
Read Post
securitysenses

Enterprise Software Security: Challenges and Best Practices

Nov 23, 2023 By SecuritySenses In SecuritySenses
In an age where digital information is critical, enterprise software security is more important than ever. As organizations increasingly rely on complex software systems to manage their operations, the risks and vulnerabilities associated with these systems are growing. This article examines the key challenges in enterprise software security and outlines best practices for mitigating these risks.
Read Post
upguard

Choosing the Best Cybersecurity Software for Healthcare

Nov 22, 2023 By Leah Sadoian In UpGuard
One of the most common industries to face high-profile cybersecurity incidents is healthcare. The healthcare industry is a prime target for cybercriminals due to the vast amount of healthcare data, critical services provided, and the large scale of hospitals, private practices, and clinics. The healthcare sector can significantly enhance its cyber resilience and avoid potentially damaging cybersecurity incidents by implementing a reliable cybersecurity software solution.
Read Post
SecurityScorecard

C-Suite Liability & Cybersecurity: Navigating a New Era of Enforcement

Nov 22, 2023 By SecurityScorecard In SecurityScorecard

Author: Owen Denby, General Counsel, SecurityScorecard On October 30, 2023, the SEC charged both SolarWinds and their CISO Tim Brown with defrauding investors, by failing to make disclosures about cybersecurity issues and vulnerabilities related to the massive nearly two-year long “SUNBURST” hack of the company.

Read Post
SecurityScorecard

Being Proactive with Security

Nov 22, 2023 By SecurityScorecard In SecurityScorecard

As web applications continue to grow in complexity and sophistication, ensuring their security has become an increasingly daunting challenge. From emerging threats like API vulnerabilities and serverless architectures to well-known risks like cross-site scripting and SQL injection, organizations—regardless of size or industry—must be prepared to address a wide range of security concerns in order to keep their web applications safe and secure.

Read Post
Subscribe to Risk Management

Copyright © 2024 OpsMatters™. All rights reserved.