Trend Micro Fixes Several Critical Vulnerabilities in Apex Central and Endpoint Encryption PolicyServer

On June 10, 2025, Trend Micro released fixes for six critical vulnerabilities affecting Apex Central and Endpoint Encryption PolicyServer. Five of the vulnerabilities allow remote code execution (RCE), and one enables authentication bypass. The vulnerabilities were responsibly disclosed by the Zero Day Initiative (ZDI), a vulnerability research organization owned by Trend Micro.

Squish the Phish: 6 Automated Phishing Response Strategies

Despite being around for over 30 years, phishing is a bigger problem than ever for today’s SOCs. Phishing attacks have skyrocketed by 4,151% since the emergence of ChatGPT in 2022, leaving security teams drowning in phishing alert noise. And rather than getting better at recognizing phishing emails, humans are seemingly getting worse, in part due to the increasing phishing sophistication and customization at scale that GenAI offers.

9 Critical Questions to Ask When Choosing an MDR Provider

Managed Detection and Response (MDR) providers are indispensable to organizations seeking to bolster their cybersecurity posture. The proliferation of sophisticated attacks and the persistent shortage of skilled security professionals, outsourcing advanced threat detection, investigation, and response to a specialized MDR provider is a strategic move that cannot be overlooked. However, the market is flooded with vendors, each offering a unique blend of technology and human expertise.

Building the Anthropic Team: Daniela Amodei on Hiring 10x AI Engineers | Frameworks for Growth

In this episode of Frameworks for Growth, Vanta CEO Christina Cacioppo sits down with Daniela Amodei, President and Co-founder of Anthropic, to discuss what it takes to build both a mission-driven company and a cutting-edge AI research lab. They explore how Daniela approaches hiring with intention, how to scale responsibly in the age of AI, and what it means to build trust while working on transformative technologies like Claude.

How Browser-Level Signals Help Prevent Credential Stuffing Attacks

Credential stuffing attacks are one of the most persistent and damaging account-based threats facing security teams – and one of the hardest to detect. In 2024, Akamai, a global leader in content delivery and cybersecurity, reported more than 26 billion credential stuffing attempts globally every month – a staggering volume that’s not slowing down. Most enterprises rely on server-side, post-login detection, which captures only successful login attempts.

How to Create a Monitored Device in Brivo Access CP

In this video, we'll show you how to configure a Monitored Device in Brivo Access. Monitored Devices are openings that need monitoring without full access control (think emergency exits, secure cabinets, or equipment room doors). Explore the future of security and smart technology with Brivo. Our content delves into innovative solutions that empower businesses and individuals to create safer, more connected environments.

What Are the Common Challenges of Implementing PAM?

Implementing a Privileged Access Management (PAM) solution is essential to securing an organization’s most sensitive data. However, IT teams often face challenges in effectively deploying a PAM solution that satisfies both security and compliance requirements. Common challenges include complex integration with existing systems, scalability limitations and poor user experience. Continue reading to learn more about the challenges organizations face when implementing PAM and how to overcome them.

Securing Payment Pages: PCI DSS 11.6.1 Guide

PCI DSS 11.6.1 (4.0) requires merchants and TPSPs to deploy change- and tamper-detection mechanisms that monitor and alert on unauthorized modifications to payment page scripts and HTTP headers, as seen in the customer’s browser. Monitoring must occur weekly or per a risk-based schedule. Tools like CSP, script behavior monitors, and alerting systems help ensure compliance and prevent e-skimming threats like Magecart.

TPCRM Framework: Building Digital Trust for Modern Enterprises

Third-party cyber risk management (TPCRM) has emerged as a critical discipline, moving beyond traditional approaches to address the unique and evolving cyber threats posed by vendor relationships. This post explains the core tenets of TPCRM, outlines key requirements for ideal tools, and suggests implementation strategies for this new, important branch of cybersecurity.

Lockdown Android Tablet for Business with miniOrange MDM

Thinking of using Android tablets for your business? Great choice—but unmanaged tablets can lead to data risks and distractions. In this blog, we’ll walk you through how to lockdown Android tablets using a Mobile Device Management (MDM) solution. Whether you are running a retail store, managing field staff, or setting up kiosks, learn how to restrict tablets to only business apps and tasks.