cyberark

EP 58 - Trust and Resilience in the Wake of CrowdStrike's Black Swan

Jul 30, 2024 By CyberArk In CyberArk
In this episode of Trust Issues, we dig into the recent the global IT outage caused by a CrowdStrike software update, which impacted millions of Microsoft Windows endpoints and disrupted many sectors. This “black swan” event highlights, among other things, the importance of preparedness, adaptability and robust crisis management.
Read Post
mend

Next-Gen Vulnerability Assessment: AWS Bedrock Claude in CVE Data Classification

Jul 30, 2024 By Maciej Mensfeld In Mend
Large language models are fascinating tools for cybersecurity. They can analyze large quantities of text and are excellent for data extraction. One application is researching and analyzing vulnerability data, specifically Common Vulnerabilities and Exposures (CVE) information. As an application security company with roots in open source software vulnerability detection and remediation, the research team at Mend.io found this a particularly relevant area of exploration.
Read Post
bitsight

Don't RegreSSH: An Anti-Pavlovian Approach to Celebrity Vulns

Jul 30, 2024 By Ben Edwards In BitSight
Before Crowdstrike caused the world to melt down for a few days, the talk of the security town was a recent OpenSSH vulnerability (CVE-2024-6387). Dubbed by its celebrity name regreSSHion, it is a Remote Code Execution vulnerability in some versions of OpenSSH discovered by the Qualys Threat Research Unit on July 1, 2024. Specifically, versions of OpenSSH compiled against the glibc library, which is to say “probably most of them”, were impacted.
Read Post
cato networks

A CISO's Guide: Avoiding the Common Pitfalls of Zero Trust Deployments

Jul 30, 2024 By Demetris Booth In Cato Networks
The world has evolved and the on-going momentum of Cloud and Work-From-Anywhere (WFA) has become unstoppable. CISOs have realized their traditional security architectures, specifically VPNs, are no longer adequate to ensure only authorized users have access to critical resources. This has made the role of CISO ever more important because we now have applications everywhere and people everywhere, leading to increased cyber threats everywhere.
Read Post
kovrr

Updates to the CRQ Platform: ISO 27001 Mapping and Model Calibration

Jul 30, 2024 By Kovrr In Kovrr
‍ ‍ ‍One of the most simultaneously exciting and challenging aspects of working in the cybersecurity industry is that the risk landscape and management practices never stop evolving. Additional data is continuously being gathered, and new frameworks are constantly developed to help organizations better assess, measure, and secure themselves against threat actors poised to exploit system weaknesses.
Read Post
devo

It's Time for SIEM to Act Like a Security Data Platform

Jul 30, 2024 By Devo In Devo
What you’re doing isn’t working. Despite best efforts, the scale of cybersecurity data is outpacing the ability of security information and event management (SIEM) solutions to identify and stay ahead of digital threats. Incremental improvements can’t keep pace with the scale of data contained in cloud solutions and the scope of data created by new tools, like generative AI. The result? It’s time for transformation—and time for SIEM to act like a security data platform.
Read Post
astra

Shadow APIs vs Zombie APIs - All You Need to Know

Jul 30, 2024 By Keshav Malik In Astra
In the age of digital-first businesses, every other software solution either uses an API (Application Programming Interface) or makes one. They enable various applications and services to work together, enabling businesses to improve features, streamline user experience, and provide new exciting offerings. Unfortunately, the more APIs we collect and interact with, the more security challenges increase.
Read Post
safebreach

Poseidon Infostealer, DoNex Ransomware, ElDorado Ransomware, and More: Hacker's Playbook Threat Coverage Round-up: July 2024

Jul 30, 2024 By Kaustubh Jagtap In SafeBreach
In this version of the Hacker’s Playbook Threat Coverage round-up, we are highlighting attack coverage for newly discovered or analyzed threats by the SafeBreach Labs team. SafeBreach customers can select and run these attacks and more from the SafeBreach Hacker’s Playbook to ensure coverage against these advanced threats. Additional details about the threats and our coverage can be seen below.
Read Post

Tines Idea: Simplify Security Alerts with AI in Tines

Jul 30, 2024 By Tines In Tines
From transforming data with a prompt and generated code, to directly accessing and using a language model in your workflows, our AI features make automation even more accessible and efficient for anyone in your organization. Learn how you can take multi-source security alert workflows from 25 actions to 3, reducing the potential for error and making it simpler to make updates like adding sources, change rule definitions, and more.
View Video
securitysenses

5 Genuine Reasons - Why Mergers & Acquisitions Need Virtual Data Rooms

Jul 30, 2024 By SecuritySenses In SecuritySenses
Virtual data rooms (VDRs) are revolutionizing merger and acquisition operations. They enable all parties involved - buyers, sellers, and intermediaries - to access, exchange, and analyze large amounts of information quickly and efficiently. This not only speeds up the transaction process but also increases its overall value. All transaction participants have access to a secure place to request, share, organize, and store thousands of confidential documents when using a virtual M&A data room.
Read Post
Subscribe to Security

Copyright © 2026 OpsMatters™. All rights reserved.