New in Vanta | May 2023
In May we announced Vanta Workspaces for customers with multiple business units, improved navigation bar labels & groupings, 15 new integrations, and more.
How do you manage secrets (Credentials) in an organisation - Expert panel
In this video a panel of experts discuss how to create an effective secrets management program and what are the challenges large organisations face when trying to combat security issues like secrets sprawl. The discussion is with between: Mackenzie Jackson from GitGuardian James Governor, Co-founder & Analyst at RedMonk Andrei Predoiu, DevOps Engineer at Bestseller Mike Carey, Senior Product Manager at 1Password.
What Are SBOMs? Software Bill of Materials for Secure Software Supply Chains
Vendors have long used bills of materials to detail the pieces that make up their supply chain products. Software bill of materials (SBOM) is a similar but traditionally less critical development in IT. However, that is quickly changing: companies are concerned about the security of their purchases, especially as applications become more expensive and sophisticated.
Techno Security & Digital Forensics Conference East 2023 - A community defending against ever evolving threats
For the 23rd year, Techno Security & Digital Forensics Conference East brought practitioners from law enforcement, academia, and security industry pros to learn from each over.
Understanding AI risks and how to secure using Zero Trust
AI’s transformative power is reshaping business operations across numerous industries. Through Robotic Process Automation (RPA), AI is liberating human resources from the shackles of repetitive, rule-based tasks and directing their focus towards strategic, complex operations. Furthermore, AI and machine learning algorithms can decipher the huge sets of data at an unprecedented speed and accuracy, giving businesses insights that were once out of reach.
How Maptote found peace of mind with 1Password
Boutique brand Maptote makes fun location-based tote bags and gifts, but as a six-person operation, they can't hire a full-time IT professional. That's where 1Password comes in, letting them secure and share all their crucial business accounts.
Devo Exchange - MITRE ATT&CK Adviser
Reading, understanding, and tracking alerts and log sources within the context of the MITRE ATT&CK framework is now possible in Devo with the MITRE ATT&CK Adviser application.
New Vulnerabilities Similar to CVE-2023-34362 Identified in MOVEit Transfer and MOVEit Cloud
On June 9, 2023, Progress released a security advisory detailing newly discovered SQL injection vulnerabilities impacting the MOVEit Transfer web application and Cloud. The vulnerabilities are distinct from CVE-2023-34362, which was actively exploited by Clop Ransomware to exfiltrate data and extort compromised organizations. Although distinct, the vulnerabilities result in nearly identical unauthorized access where threat actors could modify or disclose MOVEit database content.
The 443 Podcast - Episode 246 - Minecraft Mod Malware
This week on the podcast we cover a supply chain attack of sorts against Minecraft gamers. After that, we cover a vulnerability in MOVEit Transfer that threat actors are exploiting in the wild to steal data and deploy ransomware. Finally, we wne with our review of the latest Verizon Data Breach Investigations Report (DBIR).
Organizations Take 43 Hours to Detect an Spear Phishing Cyber Attack
New data makes it crystal clear that spear phishing is a real problem… and organizations may not properly be prepared to detect and address it. Cybercriminals know the more targeted a phishing attack – from the email theming to the impersonation to the intended victim – the more likely the attack will be a success.