Security

The Imperative Need for Consolidation in Web App Security and Delivery

In today’s rapidly evolving digital and cyber landscape, securing and delivering applications efficiently is crucial for businesses of all sizes. The pursuit of uninterrupted service is no longer the only focus. Security concerns have taken center stage, transforming the landscape into a battleground where the slightest disruption triggers a search for root causes and solutions. When websites falter, application owners navigate a maze of possibilities.

The 443 Podcast - Episode 283 - Trucking Worms

This week on the podcast we discuss a vulnerability in required commercial truck hardware that could enable an automatically propagating worm across the entire US. Before that, we cover Apple's "un-patchable" vulnerability in their M-series processors as well as a vulnerability that could let attackers unlock hotel room doors at will. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

The Growing Importance of CAASM in Company Cybersecurity Strategy

The events of recent years, including the proliferation of ransomware, the pandemic, and political tensions, have fast-tracked the development of both offensive and defensive tools in the cyber domain. Cybersecurity concepts that were nascent a few years ago are now being refined, demonstrating the practical benefits of modern digital risk management strategies.

New Research Identifies Oversight Practices Correlated With Effective Cybersecurity Outcomes

In the last few years, boards have rushed to incorporate Cyber Risk into the Board’s overall risk management duty, without really knowing how effective those efforts have been. For the first time ever, Diligent and Bitsight have partnered to see just how well the effort at the board level is translating into reducing Cyber Risk for their company.

CMMC Scoping: Unveiling the Core of Cybersecurity Compliance

In the intricate landscape of defense contracting, the Cybersecurity Maturity Model Certification (CMMC) has emerged as a beacon for fortifying the defense industrial base’s cybersecurity posture. Central to CMMC compliance is the critical process of scoping – a systematic approach to identifying systems and assets subject to assessments. Let’s delve into the essence of scoping, emphasizing its significance, and understanding how it evolves through different CMMC levels.

Hunt for cloud session anomalies with Cloud SIEM

In today’s cloud-native world, systems are usually accessed by users from multiple devices and in various geographic locations. Anyone who has tried to operationalize an impossible travel type alert for cloud resources will understand the myriad nuances and gotchas involved in such an endeavor. A user may be accessing a cloud resource from a mobile device that is tied to a carrier network well away from their normal geographic location.

Selecting SIEM Tools - Questions to Consider

So, you’ve done your homework. You’ve clearly defined business requirements, and you think you want to implement a Security Information and Event Management (SIEM) solution into your organization. Cloud migration and remote work have changed the way threat actors attack, and it feels like every day you read about a new methodology. While a lot of companies added a SIEM to their cybersecurity technology stack, you’re not sure whether you can afford one.

How to choose the right penetration testing partner for your business

In today’s digital landscape, cybersecurity threats are evolving at an alarming rate. With the growing number of cyber-attacks and data breaches, businesses must prioritise their security measures to protect sensitive information and safeguard their reputation. Penetration testing is an essential component of this defence strategy.

Enterprise Browsers Need to Secure Identities Without Compromise

Now is the time. It’s been over 30 years since the introduction of the first web browser. Since then, the browser has evolved into an application that allows us to stream entertainment, work and interact through social media. It’s the most widely used application among consumers … and now the enterprise. Unfortunately, there’s little separation between work and personal life when you use a browser designed for consumer use.

How To Achieve Vulnerability Remediation

Vulnerabilities are a major risk for organizations, and a major attack vector for threat actors. There were over 29,000 vulnerabilities published in 2023, amounting to over 3,800 more Common Vulnerabilities and Exposures (CVE) identifiers being issued last year than in 2022. But that doesn’t mean these most recent vulnerabilities are the only ones in a threat actor’s toolbox.