%term

Understanding the Purpose of Security Controls and the Need for Compliance

Jul 1, 2020 By Chris Orr In Tripwire

What are the brakes on a car designed to do? I have asked this question many times when speaking to customers or organizations who were dipping their toes into the audit space. Invariably, their answer was, “To stop the car.” At this point, I would then ask, “Then how do you get where you want to go?”

Read Post

Tripwire

Read more about Understanding the Purpose of Security Controls and the Need for Compliance

A Checklist for Preparing for Your Organization's Next PCI Audit

Jul 1, 2020 By Anthony Israel-Davis In Tripwire

Organizations cannot afford to neglect their PCI compliance obligations. According to its website, PCI could punish offending organizations with a monetary penalty ranging in value from $5,000 to $100,000 per month. These fines could spell the end for a small business. Acknowledging those consequences, organizations need to make sure they’re PCI compliant. More than that, they must ensure they’re prepared for when auditors come knocking on their door.

Read Post

Tripwire

Read more about A Checklist for Preparing for Your Organization's Next PCI Audit

Why is Cybersecurity Important?

Jul 1, 2020 By Abi Tyas Tunggal In UpGuard

Cybersecurity is important because cybersecurity risk is increasing. Driven by global connectivity and usage of cloud services, like Amazon Web Services, to store sensitive data and personal information. Widespread poor configuration of cloud services paired with increasingly sophisticated cyber criminals means the risk that your organization suffers from a successful cyber attack or data breach is on the rise.

Read Post

UpGuard

Read more about Why is Cybersecurity Important?

Uncovering Bots in eCommerce Part 4: The Impact of Credential Stuffing

Jul 1, 2020 By Netacea In Netacea

Credential stuffing is one of the most common forms of online crime, it is the act of testing stolen passwords and usernames against website login forms, to validate the credentials for malicious reuse. Once a match is found, the attacker can easily commit various types of fraud. When credentials are stolen through a database breach, malware, or other means, they are kept for use in future attacks against many different targets.

Read Post

Netacea

Read more about Uncovering Bots in eCommerce Part 4: The Impact of Credential Stuffing

GoldenSpy: Questions and Answers

Jul 1, 2020 By Trustwave In Trustwave

Questions about the GoldenSpy malware? Find answers in this video interview with Brian Hussey, VP of Cyber Threat Detection and Response for Trustwave SpiderLabs. Includes recommendations for how organizations can best protect themselves.

View Video

Trustwave

Read more about GoldenSpy: Questions and Answers

The Golden Tax Department and the Emergence of GoldenSpy Malware

Jul 1, 2020 By Trustwave In Trustwave

Trustwave SpiderLabs has discovered a new malware family, dubbed GoldenSpy, embedded in tax payment software that a Chinese bank requires corporations to install to conduct business operations in China. Learn more in this video.

View Video

Trustwave

Read more about The Golden Tax Department and the Emergence of GoldenSpy Malware

What Are The Most Secure Programming Languages

Jul 1, 2020 By Mend

Behind every developer is a beloved programming language. In heated debates over which language is the best, the security card will come into play in support of one language or discredit another. We decided to address this debate and put it to the test by researching WhiteSource's comprehensive database. We focused on open source security vulnerabilities in C, Java, JavaScript, Python, Ruby, PHP, and C++, to find out which programming languages are most secure, which vulnerability types (CWEs) are most common in each language, and why.

Get Report

Mend

Read more about What Are The Most Secure Programming Languages

10 Questions for Assessing Data Security in the Enterprise

Jul 1, 2020 By Netwrix

It's hard to imagine an organization today that does not rely on file servers, SharePoint or Office 365 for storing data, including valuable and sensitive information such as intellectual property and personal data. This makes these systems particularly attractive targets for all sort of attackers, from external hackers to disgruntled employees. To protect data from both external and internal threats, businesses must regularly conduct thorough data security assessments as part of their broader cyber security assessments.

Get EBook

Netwrix

Read more about 10 Questions for Assessing Data Security in the Enterprise

The state of open source vulnerabilties 2020

Jul 1, 2020 By Mend

We surveyed over 650 developers, and collected data from the NVD, security advisories, peer-reviewed vulnerability databases, issue trackers and more, to gather the latest industry insights in open source vulnerability management.

Get Report

Mend

Read more about The state of open source vulnerabilties 2020

Compliance Demystified

Jul 1, 2020 By Netwrix

Compliance regulations are designed to provide a unified set of rules or guidelines to help IT organizations implement policies and measures that deliver the required levels of integrity, security, availability and accountability of data and operations. This white paper provides an overview of various types of IT compliance, explores their basic concepts and commonalities, and offers guidelines for implementation.

Get EBook