%term

Preventing insecure deserialization in Node.js

Apr 17, 2023 By Benson Kuria Macharia In Snyk

Serialization is the process of converting a JavaScript object into a stream of sequential bytes to send over a network or save to a database. Serialization changes the original data format while preserving its state and properties, so we can recreate it as needed. With serialization, we can write complex data to files, databases, and inter-process memory — and send that complex data between components and over networks.

Read Post

Snyk

Read more about Preventing insecure deserialization in Node.js

The Not-So-Hidden Cost of Unpatched Devices

Apr 17, 2023 By Tanium In Tanium

A patch management strategy that considers the risks, prioritizes critical patches and ensures timely deployment will reduce business disruptions, improve operational efficiency and create a competitive advantage.

Read Post

Tanium

Read more about The Not-So-Hidden Cost of Unpatched Devices

Behind the Curtain: Falcon OverWatch Hunting Leads Explained

Apr 17, 2023 By Falcon OverWatch Team In CrowdStrike

Most hunting enthusiasts agree that the thrill of hunting lies in the chase. Equipped with experience and tools of their trade, hunters skillfully search for signs of prey — a broken twig, a track in the mud. CrowdStrike® Falcon OverWatch™ threat hunters are no different. They search for signs of their prey — of adversaries lurking in the dark — and these signs are called hunting leads.

Read Post

CrowdStrike

Read more about Behind the Curtain: Falcon OverWatch Hunting Leads Explained

Ensuring Secure, Scalable, and Sustainable Remote Access for the Hybrid Workforce

Apr 17, 2023 By Demetris Booth In Cato Networks

Remote or hybrid work have become the de facto standard for many companies, post-pandemic, as more employees demand more flexible workplace policies. Therefore, organizations looking to support hybrid work will require a long-term strategy that ensures their infrastructure is equipped to securely facilitate this new flexible work environment.

Read Post

Cato Networks

Read more about Ensuring Secure, Scalable, and Sustainable Remote Access for the Hybrid Workforce

The 443 Episode 238 - Zero Trust Maturity Model 2.0

Apr 17, 2023 By WatchGuard In WatchGuard

This week on the podcast, we cover two new publications out of CISA. First, we dive into CISA's guidance to manufacturers and customers on products that are secure-by-design and secure-by-default. Next, we discuss CISA's latest Zero Trust Maturity Model which any organization can use to gauge how far along they are on the ZTA path and where the should focus their efforts next. Finally, we end wit some research from Blaze Information Security on a series of vulnerabilities in a play-to-earn blockchain game.

View Video

WatchGuard

Read more about The 443 Episode 238 - Zero Trust Maturity Model 2.0

The Benefits of Customized Regtech Solutions for SIs and their Clients

Apr 17, 2023 By Sumanth Kumar In IDcentral

As a service provider for obligated organizations, it is essential to understand the factors driving the need for collaboration with regtech providers. It’s not just about adopting new technology; the real potential lies in effectively addressing anti-money laundering (AML) threats and streamlining regulatory compliance. Regulators consider regtech to be critical to modernizing the financial sector and ensuring clarity in supervisory expectations.

Read Post

IDcentral

Read more about The Benefits of Customized Regtech Solutions for SIs and their Clients

Securing private applications with CrowdStrike and AWS Verified Access

Apr 17, 2023 By CrowdStrike In CrowdStrike

CrowdStrike Zero Trust Assessment (CrowdStrike ZTA) provides customers the ability to assess their endpoint security posture, allowing AWS Verified Access to provide conditional access to resources that comply with their organization’s device posture policies.

View Video

CrowdStrike

Read more about Securing private applications with CrowdStrike and AWS Verified Access

5 Ways to Evaluate the ROI of Your Cybersecurity Program

Apr 17, 2023 By BitSight

Cybersecurity ROI isn't about cost savings. It's about how your cybersecurity program helps you achieve your goals while managing risk to a level that your executive team is comfortable with. So if you shouldn't measure success in cost savings, how do you measure it? BitSight is providing five steps that help CISOs and executive teams evaluate their company's cybersecurity performance.

Get EBook

BitSight

Read more about 5 Ways to Evaluate the ROI of Your Cybersecurity Program

Creating Trust in an Insecure World: Strategies for Cybersecurity Leaders in the Age of Increasing Vulnerabilities

Apr 17, 2023 By BitSight

Are you overwhelmed by the intricacies of your attack surface? Concerned about the rising risk of vulnerabilities in your and your partners' digital ecosystems? New BitSight research finds that the average vulnerability remediation rate across organizations is about 5 percent per month, sparking concern that the status quo of exposure and vulnerability management is broken. Moreover, organizations face significant challenges in managing vulnerabilities in their extended, third-party ecosystem, and most security leaders do not have the tools to address these emerging threats.

Get Report

BitSight

Read more about Creating Trust in an Insecure World: Strategies for Cybersecurity Leaders in the Age of Increasing Vulnerabilities

Meeting OCC Third-party Risk Requirements [2023 Edition]

Apr 16, 2023 By Edward Kost In UpGuard

The Office of the Comptroller of the Currency (OCC) has outlined its third-party risk management requirements for United States national banks and federal savings associations in the OCC Bulletin 2013-29. These risk management standards don't only apply to third-party vendor relationships; the OCC expects all banks to follow best third-party risk management practices, whether activities occur internally or through service providers.

Read Post