Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

After a wave of zero-day attacks targeting widely used security and networking appliances, the Cybersecurity & Infrastructure Security Agency (CISA) is taking new measures to protect Internet-exposed networking equipment.

Zero trust is not a new cybersecurity concept, yet it seems everywhere lately. In case you’re unfamiliar with zero trust, it is defined as an approach to security that assumes no implicit trust between users, devices, or networks as a baseline, and once a user has been verified as legitimate, authorized, and trustworthy, access is allowed. Zero trust has been so effective as a cybersecurity strategy that the U.S.

Personally identifiable information (PII) compliance is an ever-increasing challenge for any organization. Whether you’re in ecommerce, banking, healthcare, or other fields where data is sensitive, PII may inadvertently be captured and stored. Having structured logs enables quick identification, removal, and protection of sensitive data fields easily; but what about unstructured messages? Or perhaps call center transcriptions?

Salt is thrilled to share the findings from the just-released “State of the CISO 2023” report! We wanted to hear directly from CISOs/CSOs around the world about how digital transformation is impacting their role and understand the biggest challenges – both personal and professional – they’re contending with as a result.

Artificial Intelligence (AI) is a technology that is both exciting and worrisome. It reminds us of events from the past where computer systems were attacked, causing concern for their vulnerability. In 1997, a Department of Defense exercise called Eligible Receiver showed that defense systems could be hacked, which led to the creation of the Joint Task Force for Computer Network Operations.

On June 13, 2023, the United States Cybersecurity and Infrastructure Security Agency (CISA) released Binding Operational Directive 23-02 titled Mitigating the Risk from Internet-Exposed Management Interfaces. This BOD is aimed at reducing the risk posed by having the ability to configure or control federal agency’s networks from the public internet. If you are curious about this threat, you should review MITRE ATT&CK’s T1133- External Remote Services.

Upwork is a freelancing platform that connects a global base of clients to freelancers via job postings. Since going public on the New York Stock Exchange in 2019, the company has become one of the leading freelance platforms worldwide and was named on Time’s list of the 100 Most Influential Companies of 2022.