Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bitsight

What is cyber risk exposure and how can you manage it?

Jul 11, 2023 By Sabrina Pagnotta In BitSight
Cybersecurity is not an easy task. New threats are constantly emerging—in your IT infrastructure and that of your vendors and partners. But, as a cybersecurity leader, you can help your organization mitigate these threats if you adopt cyber risk exposure management practices. In this blog, we explore everything you need to know about how cyber risk exposure and management can help you reduce the risk of gaps and vulnerabilities in your network and across your third-party supply chain.
Read Post
CrowdStrike

How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform

Jul 11, 2023 By Kasey Cross - Arfan Sharif In CrowdStrike

In Part 1 of our SIEM blog series, we discussed the state of SIEMs today and how CrowdStrike Falcon® LogScale solves five key SIEM use cases while improving security outcomes and cost savings compared to traditional SIEMs. Our conversations with customers have made it clear: SIEM requirements don’t stop at the five use cases covered in that blog. Modern SIEM systems extend beyond log management to deliver full threat detection, investigation and response.

Read Post
kroll

Proof of Concept Developed for Ghostscript CVE-2023-36664 Code Execution Vulnerability

Jul 11, 2023 By George Glass In Kroll

Ghostscript, an open-source interpreter for the PostScript language and PDF files, recently disclosed a vulnerability prior to the 10.01.2 version. This vulnerability CVE-2023-36664 was assigned a CVSS score of 9.8 that could allow for code execution caused by Ghostscript mishandling permission validation for pipe devices (with the %pipe% or the | pipe character prefix). Debian released a security advisory mentioning possible execution of arbitrary commands.

Read Post
tripwire

How the NIS2 Directive Will Impact You

Jul 11, 2023 By Gary Hibberd In Tripwire

Have you heard of the NIS Directive? The full name is quite a mouthful, "DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union". The informal name has been shortened to the Network and Information Security (NIS) Directive. The aim of the directive was to develop a common level of cybersecurity across the Member States that could be applied to entities of critical national importance.

Read Post
ionix

32 Cybersecurity and IT Management Professionals Share Their Favorite CISO Interview Questions

Jul 11, 2023 By Tom Demers In IONIX

The role of the CISO (Chief Information Security Officer) is one of the most important in any organization, and finding the right professional for the job is vital. The CISO leads the company’s information security strategy and bears the ultimate responsibility for the company’s security posture and how effectively it protects its information systems.

Read Post

Understanding API Attacks

Jul 11, 2023 By Salt Security In Salt Security
As APIs have become the backbone of modern applications, threat actors are increasingly targeting them. Whether it be to exfiltrate data, take control of critical systems, or disrupt key business services or digital supply chains, threat actors have taken notice—and they see APIs as a prosperous attack vector. In this video, you’ll gain valuable insights into API security and learn proactive measures to safeguard your APIs. By understanding the challenges posed by API attacks, you’ll understand the best strategies to protect your organization.
View Video
splunk

Data Sovereignty vs Data Residency: Uncovering the Differences

Jul 11, 2023 By Austin Chia In Splunk
In today's data-driven world, businesses must navigate the complexities of data management while ensuring compliance with an ever-growing array of laws and regulations. Two concepts that often arise in this context are data sovereignty vs data residency. While related, these terms refer to distinct aspects of data management. Understanding their differences is crucial for businesses to make informed decisions on where to store their data and how to remain compliant with data protection regulations.
Read Post
splunk

Detection as Code: How To Embed Threat Detection into Code

Jul 11, 2023 By Muhammad Raza In Splunk
Like many concepts at the intersection of software engineering and cybersecurity, threat detection has emerged as a recent candidate to adopt the ‘as-code’ discipline to detection. This is driven by two key factors: Detection as Code is a new paradigm that brings a structured, systematic and flexible methodology for threat detection inspired by the as-code best practice of software engineering, commonly adopted in DevOps and Agile software development frameworks.
Read Post
splunk

Baseline Hunting with the PEAK Framework

Jul 11, 2023 By David Bianco In Splunk
Baselines are an essential part of effective cybersecurity. They provide a snapshot of normal activity within your network, which enables you to easily identify abnormal or suspicious behavior. Baseline hunting is a proactive approach to threat detection that involves setting up a baseline of normal activity, monitoring that baseline for deviations, and investigating any suspicious activity.
Read Post
keeper

How To Prevent Internet of Things (IoT) Attacks

Jul 11, 2023 By Carly Marie In Keeper

Smart devices are amazing, and they make our lives easier. Smart light bulbs for your home allow you to change the color and schedule lights to turn on and off based on your activities. Internet-connected cameras allow us to monitor our homes with phone apps. Unfortunately, even a device as simple as a light bulb connected to your WiFi can be a gateway for cybercriminals to launch an attack. It happens, and it can happen to you.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.