If you use APIs today – which you very likely do if you are leveraging cloud-native technology in any way – mastering the concepts discussed in the following pages is crucial for ensuring that you can balance the benefits of APIs with security challenges. Indeed, avoiding APIs is simply not realistic for most...
Phishing and other socially-engineered schemes are going to get bolder, the attack surface is only going to get bigger, and enterprises everywhere are going to have to focus more on building cyber resilience. These are among the New Year's predictions from Zoom's new CISO, Michael Adams.
How can successful organizations prepare for a possible recession? Most look for ways to reduce costs. Despite inflation and uncertainty, however, organizations aren't slowing their spend on security. Surprising? Maybe not. Savvy executives now see remote work as a cost-savings opportunity, and they're taking...
Asset management historically either looked at network traffic or attempted to put an agent on everything, which Axonius CEO Dean Sysman says left organizations drowning in data. Axonius focuses solely on bringing data together from a customer's existing infrastructure and controls.
Organizations are awash in vulnerabilities. And it’s becoming more difficult to prioritize which vulnerabilities require immediate attention – especially as resources in the infosec industry remain scarce. Organizations, vendors, and governing bodies, all have slightly different approaches to vulnerability...
Detect and protect the unknown. Security leaders and technical teams lack visibility into internet-facing assets, unknowingly leaving network entry points susceptible to exploit.
By identifying all assets—from network assets to credentials exposed on GitHub to assets found on the dark web—you can better...
Complexity is the enemy of security, and information technology grows ever more complex. Have we created a problem space in computing so complicated that we will be unable to safely operate in it for its intended purposes? Fred Cohen says that's unlikely. He discusses managing risk in the future.
To stay ahead of a hacker, you need to think like one. In groundbreaking new research, SANS and Bishop Fox surveyed more than 300 ethical hackers to gain insight into how attackers think, the tools they use, their speed, specialization, and favorite targets. Unlike other surveys, which take a defender’s point of...
Malware activity has increased 28% since last year, and botnet and exploit activity are up over 100%, according to CyberTheory's 2022 Third Quarter Review. CyberTheory Director Steve King says "a new approach to cybersecurity defense" is needed to fight today's cybercrime.
The United Kingdom's National Cyber Security Centre is scanning the British internet for vulnerabilities. "We're not trying to find vulnerabilities in the U.K. for some other, nefarious purpose," says the center, a part of signals intelligence agency Government Communications Headquarters.
The global attack surface is a living thing that grows and changes constantly. Unfortunately, that means the work of security teams is never really done. No matter how good you are at fixing issues as they arise, there are always unknown assets to consider.
The Cortex® Xpanse™ research team studied the global...
Apple has issued a slew of security updates amid reports that its iOS devices are being actively exploited via a zero-day vulnerability in the kernel. While Apple hasn't attributed the exploits to any specific group, experts say surveillance malware developers are a likely culprit.
When securing your infrastructure, it’s vital to employ the right mix of offensive security solutions and services to proactively identify weaknesses so you can protect your attack surface. This guide provides key insight into the crucial components of proactive attack surface management -- including vulnerability...
A phishing and fraud prevention vendor has bought a startup founded by Qualys' longtime engineering leader to help organizations more effectively discover and monitor assets. Red Sift says its purchase of Hardenize will help customers assess the security of their digital asset inventory.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
