Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Ask me Anything Webinar 004

Our Panel of CISOs: In this interactive session, a panel of experienced CISOs—Frank D’Arrigo and Bob Chyka—answer pressing cybersecurity questions submitted by the audience. From threat management to security strategies, this session offers direct insights and expert advice from top industry leaders. Watch the recording to gain actionable guidance on protecting your organization, with practical advice on tackling today’s cybersecurity challenges.

The FortiManager RCE Vulnerability - The 443 Podcast - Episode 311

This week on the podcast, we review Fortinet's recently-disclosed remote code execution vulnerability in the FortiManager system that has been under active exploit since at least June. After that, we discuss the SEC's recent action against 4 companies found at fault for misleading security incident disclosure statements. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Lessons from the Cisco Data Breach - The Importance of Comprehensive API Security

In the wake of Cisco’s recent data breach involving exposed API tokens - amongst other sensitive information - the cybersecurity community is reminded once again of the significant risks associated with unsecured APIs. Though Cisco has asserted that the damage was limited to a public-facing environment, such breaches demand a more cautious evaluation. Exposing sensitive information like API tokens, credentials, and even source code can have broader security implications than initially apparent.

How to build resilience in critical systems

From power grids and water systems to transport networks and healthcare facilities, critical infrastructure has become a key target for cyber attacks in recent years; US utilities, for example, suffered a 70% year-on-year increase in cyber attacks this year. The reason for targeting critical infrastructure is clear: it often uses outdated software, and the attacks have an outsized disruptive impact.

How to Create a Data Loss Prevention Policy: A Step-by-Step Guide

With an average of more than 5 data breaches globally a day, it’s clear companies need a way to prevent data loss. This is where a data loss prevention policy comes into play. A data loss prevention policy serves as a crucial safeguard against unauthorized access, data breaches, and compliance violations. This comprehensive framework outlines strategies and procedures to identify, monitor, and protect valuable data assets across an organization’s network, endpoints, and cloud environments.

What is a Time-based One-time Password (TOTP)?

Authentication is the process that verifies the user's identity to control access to resources, prevent unauthorized users from gaining access to the system, and record user activities (to hold them accountable for their activities). It is used to authenticate users who log on to a server, ensure that software comes from a reputable source, and ensure that the person sending the message is who he says he is.

Mend.io & HeroDevs Partnership: Eliminate Risks in Deprecated Package

The increasing reliance on open-source software coupled with the accelerated pace of software development has created a growing need for support of deprecated packages. The significant majority of open-source software packages are not actively maintained, meaning vulnerabilities are not patched, thereby leaving systems open to attack. Malicious actors often target deprecated open-source packages for this very reason.

Announcing Jit + Wiz: Bridge the Gap Between ASPM and CNAPP

Today, we’re thrilled to announce Jit’s certified integration with Wiz! This partnership will make it easier than ever for developers to consistently resolve security issues before production, and for security teams to unify and prioritize the top risks in production – effectively bridging the gap between the core objectives of ASPM and CNAPP. We believe that securing apps in the cloud has been overcomplicated by tool sprawl, alerting noise, and a disjointed UX for developers.