Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2024

GenAI Attack Path Remediations for Panoptica

Generative AI technology is rapidly evolving, offering groundbreaking capabilities in various fields, including cloud-native environments and CNAPP (Cloud-Native Application Protection Platform) solutions. Development of generative AI technology holds immense promise for enhancing the capabilities and performance of cloud-native environments and CNAPP solutions.

Smart thresholds: The answer to your security alert fatigue

SIEM solutions operate based on thresholds. These thresholds serve as predefined benchmarks that generate alerts when the alert criteria are met. While effective to some extent, this approach falls short on multiple fronts, particularly in the context of sophisticated attacks and dynamic environments. Static thresholds falling short: One of the fundamental flaws of static thresholds lies in their rigidity.

Cyber Security vs Blind Faith

As we do more and more work around the world for corporations, government departments and CNI providers, we’re seeing a recurring and worrying trend: Blind Faith. Whilst some of this may be cultural, it can no longer be used as justifiable reasoning for the failure to secure core assets, understand the possible threats or at least implement basic protections. Why?

4 approaches to vulnerability remediation

Vulnerability remediation is the process of identifying weaknesses and design flaws in your applications, prioritizing findings based on the level of risk they pose, and then performing appropriate actions to resolve them. Options for vulnerability remediation include remediating (fixing) an issue, ignoring it (when it is not risky enough to merit the resources needed to fix it), or applying compensating controls to help counteract the risk posed by the vulnerability.

Wire Fraud: What It Is and How to Stop It

In 2023, based on wire fraud statistics, nearly a quarter of consumers received suspicious communications, which may have occurred over text, email, phone, or social media. Of those who interacted with the sender, one in twenty consumers fell victim to wire fraud, which begins over electronic channels. That same year, consumers lost a reported $10 billion to fraudulent activities, a significant portion of which began as wire fraud.

What Does a Solid VM Ticketing Workflow Actually Look Like?

In this webinar, Scott Kuffer discusses the challenges and best practices of vulnerability management workflows and ticketing. He emphasizes the discrepancy between vulnerability management teams' priorities and the priorities of the business as a whole. Scott explores different ticketing workflows, starting with basic vulnerability-based tickets and progressing to more advanced options such as asset-based, team-based, and action-based tickets. He highlights the benefits of automating ticket creation and reporting, as well as the potential for redefining how vulnerability management is approached within organizations.

Demo: Code Intelligence's Fuzz Testing Platform. C/C++ example.

Sergej Dechand, Code Intelligence's CEO, demonstrates how developers can submit new code, which is automatically tested and analyzed for security issues. Sergej explains the process of running tests, assessing findings, and integrating with ticketing systems. You'll also see how to measure code coverage and download reports. The demo includes all the mentioned use cases, with hardware simulation and an autogenerated fuzz test setup.

Understanding Supply Chain Risk - Using SCA to protect your application

Understanding our supply chain means understanding all the components that make it up. But this is harder than it appears. Open-source components make up 80-90% of our application's source code, but we must also remember that our open-source components are themselves made from open-source components; it's like supply chain inception. SCA, or Software Composition Analysis, is a security tool that looks at your entire supply chain and outlines vulnerabilities, including transitive or downstream dependencies.