As recently as 2017, security and compliance professionals at many of Tripwire’s large enterprise and government customers were talking about migration to the cloud as a possibility to be considered and cautiously explored in the coming years. Within a year, the tone had changed.

In our previous blog, we analyzed how it is possible to map malware threats using the MITRE ATT&CK™ framework. In this blog, we will test the USM Anywhere platform against red team techniques and adversary simulations. We performed this analysis as part of our continuous efforts to improve the platform’s detection effectiveness.

Open Source projects can be a great asset, or they can be a curse – it’s all in how you manage it. To be successful in using open source, there are several things to keep in mind, from licensing to updates. And if you ignore any of them, it can cause problems. Here are some things to consider.

New research from Forescout found that healthcare organizations are increasingly at risk from legacy platforms, device complexity, and the use of frequently exploited protocols. Forescout analyzed 75 healthcare deployments running over 1.5 million devices across 10,000 VLANs (virtual local area networks).

A selection of this week’s more interesting vulnerability disclosures and cyber security news. An bumper crop this week of news items of note, had to seriously prune them down to a manageable number which is a shame.

Since financial services industry collects, stores, and transmits sensitive non-public informationinformatino, malicious actors continue to target it. As the financial services industry embraces digital transformation, it opens itself up to new risks. Cloud infrastructures act as a primary target, leading to new risks arising from the new technologies. Emerging risks facing the financial services industry require continuous monitoring to retain a robust cybersecurity posture.

The simplest explanation is that the page takes a value and then creates a redirect to it. If /red.php?url=https://example.com created a redirect to https://example.com that would be a typical Open Redirect-vulnerability.

Insider Threats come in many different shapes and forms and can be a frustrating problem to diagnose. Adding to the problem is the fact that even the most reliable and seemingly harmless employees can change in an instant and pose a threat. Protecting your company against these sometimes-unpredictable actors requires an understanding of the various profiles that exist and their motivations.

We are excited to announce the new security capabilities of Tigera Secure Enterprise Edition 2.4. This release enables enterprise security teams to extend their existing zone-based architectures and easily connect to external resources. The highlights include DNS Policies, Threat Defense, Compliance Dashboard and Reporting, and easier installation options.