%term

How Threat Actors Use Enterprise Applications in Microsoft 365 to Exfiltrate Data

Nov 27, 2024 By Kroll In Kroll

Microsoft 365 (M365) has become the industry standard for business email platforms, allowing users access to a variety of interconnected productivity and communication applications. With data readily available across multiple applications within M365, threat actors are using a specific technique to exfiltrate data within a user’s M365 email account.

Read Post

Kroll

Read more about How Threat Actors Use Enterprise Applications in Microsoft 365 to Exfiltrate Data

What happens when you switch audit firms? | TrustTalks - Ep 4 | Security and GRC Podcast

Nov 27, 2024 By TrustCloud In TrustCloud

Switching audit firms is not just a routine decision; it’s a strategic move that can significantly impact your business’s financial health and compliance. Whether you’re dissatisfied with your current auditor’s performance, seeking specialized expertise, or looking to cut costs, making the switch can offer numerous benefits and challenges. In this podcast, we’ll explore what happens when you switch audit firms, including the steps involved, potential risks, and key considerations to ensure a smooth transition.

View Video

TrustCloud

Read more about What happens when you switch audit firms? | TrustTalks - Ep 4 | Security and GRC Podcast

How 1Password supports SOC 2 compliance

Nov 27, 2024 By Marc von Mandel In 1Password

The rapid adoption of cloud technologies and the increasing reliance on distributed workforces have transformed the modern business landscape. However, these shifts come with significant risks, particularly concerning the protection of sensitive data.

Read Post

1Password

Read more about How 1Password supports SOC 2 compliance

What Is Penetration Testing?

Nov 27, 2024 By Ashley D'Andrea In Keeper

Penetration testing, also referred to as pen testing, is a simulation of a cyber attack that organizations conduct to identify security vulnerabilities within their systems. By finding weaknesses through a simulated cyber attack, organizations can pinpoint areas that need improvement before a cybercriminal can exploit them. Penetration testing helps organizations address issues in their systems to prevent unauthorized access, meet compliance requirements and minimize the risk of phishing attacks.

Read Post

Keeper

Read more about What Is Penetration Testing?

The Vendor's Survival Guide to Security Questionnaires | TrustTalks Ep 5 | Security and GRC Podcast

Nov 27, 2024 By TrustCloud In TrustCloud

Seeking a solution that streamlines vendor risk management and automates security questionnaires? Imagine a tool that offers a comprehensive portal, securely shares information, uses AI to handle responses, and frees up your evenings. It might sound too good to be true, but with ⁠TrustShare⁠, it’s a reality. Forget the hassle of maintaining a knowledge base or configuring tools meant for RFPs. TrustShare takes care of everything, from AI-driven responses to seamless information sharing, which leads to faster sales cycles.

View Video

TrustCloud

Read more about The Vendor's Survival Guide to Security Questionnaires | TrustTalks Ep 5 | Security and GRC Podcast

Why a Zero Trust Architecture Must Include Database Security

Nov 27, 2024 By Trustwave In Trustwave

Whether the means of a cyber-attack are phishing, ransomware, advanced persistent threat, malware, or some combination, the target is ultimately the same: your data. So, as companies seek to implement a zero-trust approach to security, they would do well to include database protection. Interest in Zero Trust is certainly high, with nearly two-thirds (63%) of organizations worldwide having implemented a zero-trust strategy, according to a recent Gartner survey. But it is hardly all-encompassing.

Read Post

Trustwave

Read more about Why a Zero Trust Architecture Must Include Database Security

AWS & 1Password: New integrations help strengthen security

Nov 27, 2024 By Micah Neidhart In 1Password

When the tools in your security stack work together, it reduces administration overhead, lowers costs, and increases protection across your organization. That’s why we’ve spent the last year deepening our partnership and product integrations with AWS and other security providers in their ecosystem.

Read Post

1Password

Read more about AWS & 1Password: New integrations help strengthen security

How Is API Abuse Different from Web Application Attacks by Bots?

Nov 27, 2024 By Wallarm In Wallarm

API abuse and web application bot attacks are often confused. This is understandable, as both involve automated interactions and are usually executed by bots. Both attack vectors are prevalent; criminals are always eager to disrupt the foundations on which businesses base their operations to achieve their malicious goals and they frequently automate their actions for maximum results.

Read Post

Wallarm

Read more about How Is API Abuse Different from Web Application Attacks by Bots?

MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Nov 27, 2024 By Guardians In GitGuardian

Our stack to go from experimenting to production won't have any more secrets for you.

Read Post

GitGuardian

Read more about MLOps Done Right: GitGuardian's Battle-Tested Open-Source Stack

Beyond Traditional Security: Addressing the API Security Gap

Nov 27, 2024 By Eric Schwake In Salt Security

Let’s be honest: APIs are the unsung heroes of the modern business world. They work silently behind the scenes, connecting applications, driving innovations, and ensuring your digital transformation stays on track. However, there’s a crucial downside: APIs can pose a significant security risk. They can be likened to unlocked doors leading to your sensitive data and essential business functions—an ideal target for hackers.

Read Post