5-Top NIST Best Practices To Secure Your Organization

The National Institute of Standards and Technology (NIST) is part of the US Department of Commerce. NIST was originally established to help the US become more competitive with economic rivals and peers. It prioritizes developing measurements, metrics, and standards for technology used in different industries.

Nagios XI vulnerabilities resulting in privilege escalation (& more)

During some standard research as part of the Outpost24 Ghost Labs Vulnerability Research department, I discovered four different vulnerabilities in Nagios XI (version 5.11.1 and lower). Three of these vulnerabilities (CVE-2023-40931, CVE-2023-40933 and CVE-2023-40934) allow users, with various levels of privileges, to access database fields via SQL Injections.

Insider Threats: Ensuring Angry Employees and Innocent Do-Gooders Don't Derail Your Organization

Threats that arrive from outside an organization are difficult to deal with, but at least business leaders understand that they exist and prepare a proper defense. However, many managers don’t expect one of their employees to cause a problem from the inside. Sure, there will always be a worker who steals money from the cash register or walks out with a few reams of printer paper, but the true insider threat is much more dangerous. The U.S.

Navigating the AI Maze: Demystifying Artificial Intelligence and Its Misconceptions

In the world of technology, few concepts have captured our collective imagination like Artificial Intelligence (AI). It’s the promise of machines that can think, learn, and perform tasks with a level of sophistication that mimics human intelligence. Yet, the allure of AI has also given rise to a web of confusion, myths, and misunderstandings.

CrowdStrike to Acquire Bionic to Extend Cloud Security Leadership with Industry's Most Complete Code-to-Runtime Cybersecurity Platform

I’m excited to share that today at Fal.Con, CrowdStrike announced it has agreed to acquire Bionic, a pioneer of application security posture management (ASPM). This will give our customers the most seamless and comprehensive view of cloud risk — from code development through runtime — in a single, unified platform.

Happy second birthday, Kubescape!

Guest post originally published on Kubescape’s blog by Ben Hirschberg, Co-Founder and CTO at ARMO and a Kubescape maintainer. What do you get a piece of software for its second birthday? A brand new blog, of course! And cake. More on the cake later. Kubescape is an open-source Kubernetes security platform that helps you identify and fix security risks, misconfigurations and vulnerabilities in your Kubernetes clusters.

Strengthening our CrowdStrike Bond with Falcon Integration

It’s been just about a year since we first announced our partnership with CrowdStrike. We are delighted to share today that we’ve further strengthened that partnership with the new “better-together” story of Salt and the CrowdStrike Falcon® platform.

What Security Practitioners Can Learn from New SAST Vendor Analysis

Developing and maintaining secure code at scale is hard. Having the right Static Application Security Testing (SAST) solution makes it easier, but how are practitioners to choose? In the following interview, you’ll learn about three emerging trends from detailed analysis of the SAST landscape in The Forrester Wave™: Static Application Security Testing, Q3 2023.