The software bill of materials (SBOM) is quickly becoming an essential aspect of open source security and compliance. In this post, we'll delve into what SBOMs are, why they're necessary, and their role in open source security.

The recent rapid adoption of the AI application “DeepSeek” has gained significant global attention. Becoming the app on both the Apple Store and Google Play Store within its first few days, seeing over 10 million downloads. While this explosive growth of DeepSeek R1 highlights the public’s fascination with AI-driven tools, the security community and policymakers have been less enthusiastic.

With increased reliance on the cloud and data being today’s digital currency, cybercrime has become a pervasive threat that impacts individuals, businesses, and governments alike. Understanding the various types of cybercrime is essential for developing effective strategies to protect against these malicious activities.

As one of the world’s largest and most advanced economic regions, the European region consists of 37 countries including the 27 European Union (EU) countries. With some of the most important economies in the world, Europe remains a prime target for cyber adversaries and state actors. The retail industry faces a constantly evolving array of threats among its major sectors.

At the heart of a strong data management plan is awareness surrounding the 'Five Ws' of the enterprise's data: A comprehensive data management plan incorporates the answers to these questions with policy decisions and incident response procedures. Knowing what data an enterprise produces or consumes, as well as being able to classify it based on sensitivity, are the keystones of such a plan.

As cyberattacks rise in number and sophistication, many CISOs are pushing their organizations to adopt modern SIEM solutions to better monitor and investigate threats to their applications and infrastructure. Enterprises with a large Microsoft Azure or Windows-based footprint in particular are increasingly eyeing Microsoft Sentinel to consolidate their security stack and workflows.

What if your most personal chats, the very foundation of your digital existence, were exposed? Unfortunately, that’s precisely what happened with the Salt Typhoon Hack on July 2024, a terrible cyberattack that put big U.S. telecom companies at risk. The scale of this intrusion has never been seen before. Malicious actors accessed sensitive data such as call logs, metadata, and even interactions with key political officials.

The cyber threat to critical infrastructure has never been greater. The growing sophistication of cybercriminals, deteriorating geopolitical relations, and the convergence of operational technology (OT) and information technology (IT) have created unprecedented risks for critical infrastructure organizations. Fortunately, resources are available to help these organizations protect themselves.

In the world of cybersecurity, nothing stays still for long. The endless proliferation of new technologies and rapidly shifting threat landscapes forces organizations to continually reevaluate their approach to risk. Over the last two decades, security teams have leaned heavily on vulnerability management (VM) solutions to identify, classify, and patch software vulnerabilities on internal assets.