It’s not news that organizations’ networks are increasing in complexity. The rise of hybrid work, the proliferation of the cloud, and the increased use of IoT devices has pushed networks far outside the server room — and even the four walls of the office — into a digital-first realm. While these changes have increased efficiency, scalability, and how operations work in the modern age, they’ve also created new avenues for cybercriminals to launch an attack.

A reverse proxy is a server that sits between the client and the origin server. It accepts requests from clients and forwards them to the appropriate server. It also receives responses from the server and sends them back to the client. A reverse proxy is an essential component of web application infrastructure, providing a layer of abstraction between clients and origin servers to help optimize traffic routing and improve performance and security.

CISA released in late February a cybersecurity advisory on the key findings from a recent Cybersecurity and Infrastructure Security Agency (CISA) red team assessment to provide organizations recommendations for improving their cyber posture. According to the Agency, the necessary actions to harden their environments include monitoring network activity to spot abnormal behavior, conducting regular assessments and drills, and enforcing phishing-resistant MFA anywhere possible.

There exists a drive in all of us that embraces innovation to make life easier. For IT leaders, it’s time for true innovation at the remote access edge.

Choosing the right Cloud WAF pricing model is like finding the perfect pair of shoes: it’s all about comfort, fit, and style for your organization’s needs. In this guide, we’ll help you navigate the world of Cloud WAF pricing, exploring different options and factors so that you can find the perfect fit for your web application security requirements. For those still evaluating Cloud vs. on-prem WAF, here’s a detailed article on why cloud WAFs are better than on-premise WAFs.

When it comes to insider threats and cybersecurity in general, experts often discuss how to practice policies of containment, and use these to mitigate threats. One fundamental way to do this is through the process of network segmentation.

Virtual private networks (VPNs) were introduced roughly two decades ago with the idea that creating an encrypted tunnel directly from a computer device to a network would provide secure access to company resources and communications from remote locations. VPN performance was notoriously sluggish, and they were difficult and time consuming for IT to administer, but at least the appliances were secure. Or so people thought.

On March 29, researchers from two security companies identified an active campaign originating from a modified version of a legitimate, signed application: 3CXDesktopApp, a popular voice and video conferencing software. 3CXDesktopApp is developed by 3CX, a business communications software company. According to its website, 3CX has 600,000 client organizations and 12 million daily users.