In today’s highly interconnected worlds, CISOs face a dual challenge: protecting data and reporting to the Board of Directors. Log management has long been a tool in the CISO’s back pocket, helping gain insight into potential security issues. However, the rise of cloud-based infrastructures changes this, making log management increasingly difficult.

SAML authentication is a must for organisations that want to do federated identity and single sign-on. These applications require both sides of the service or application to use a common set of credentials for identification and authorization. This is an effort to reduce security risks, increase the availability of services through more robust authentication, improve reliability by leveraging existing investments in infrastructure, and improve the end-user experience.

JFrog has recently disclosed a directory traversal issue in CivetWeb, a very popular embeddable web server/library that can either be used as a standalone web server or included as a library to add web server functionality to an existing application. The issue has been assigned to CVE-2020-27304.

In today’s dynamic threat landscape, having different tools to meet unique security requirements helps keep data protected. However, businesses today have 10 to 50+ security tools and consequently spend too much time managing them instead of protecting against cybercrime. This security tool overload creates internal challenges and potentially distracts from the primary business mission.

NIST Cybersecurity Framework (CSF) is a voluntary security framework created through industry, academic, and US government collaboration that aims at reducing cyber risks to critical infrastructure. The framework is a result of the Presidential Executive Order (EO) 13636 that directed NIST to develop a framework in collaboration with the security stakeholders of the economic and National security of the US.