We recently rolled out new capabilities.

Today, we’re launching multiple customization improvements to Vanta’s automated test capabilities, previously announced at VantaCon in December. With Custom Tests, you now have the ability to adjust Vanta’s pre-built tests as well as create new tests from scratch with new logic. ‍ Custom Tests empower you to gather evidence across your systems and use Vanta’s automation to continuously monitor and alert you when items fall out of compliance.

In an ideal approach to zero trust, in which every user and device must continually prove their identity, automation is more than a useful tool, it’s essential to your federal agency’s success. You don’t need to take our word for it - security automation and orchestration is mandated by M-22-09 and M-21-31, and forms an integral part of the framework in CISA’s ZTMM (zero trust maturity model).

At Snyk, we are big fans of Open Policy Agent’s Rego. Snyk IaC is built around a large set of rules written in Rego, and customers can add their own custom rules as well. We recently released a series of improvements to Snyk IaC, and in this blog post, we’re taking a technical dive into a particularly interesting feature — automatic source code locations for rule violations.

We at Nucleus Security are thrilled to share our journey and vision following our recent $43 million Series B funding round. This investment, led by Arthur Ventures and Lead Edge Capital, is a testament to our commitment to leading the charge in vulnerability management innovation and our dedication to protecting digital infrastructures worldwide. Read the full press release here.

Ranging from the process of recovering stolen data to having to hire legal services, a cyberattack generates a series of costs that companies have to face. According to an IBM report, the global average cost of a data breach reached $4.45 million in 2023, which represents an increase of 15% in three years. This seven-digit figure is clearly worrying.

Modern organizations face a wide and constantly changing range of network security threats, and security leaders must constantly update their security posture against them. As threat actors change their tactics, techniques, and procedures, exploit new vulnerabilities, and deploy new technologies to support their activities — it’s up to security teams to respond by equipping themselves with solutions that address the latest threats.

Network vulnerability scanning provides in-depth insight into your organization’s security posture and highlights the specific types of vulnerabilities attackers may exploit when targeting it. These tools work by systematically scanning your network environment — including all desktops, laptops, mobile endpoints, servers, and other assets for known weaknesses and misconfigurations. Your analyzer then produces a detailed report that tells you exactly how hackers might breach your systems.