Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

What is Vendor Tiering? Boost Your Vendor Risk Management

Vendor tiering is a method of classifying vendors based on the level of security risk they introduce to an organization. The level of security criticality decreases with each subsequent level. The number of tiering levels depends on personal preference. The basic vendor tiering structure consists of three levels - Tier 1, Tier 2, Tier 3, where Tier 1 represents high-risk vendors. Each vendor could be assigned to a tier manually, or the process could be based on a security questionnaire scoring system.

What is a Botnet? You Might Be Infected Right Now

A botnet is a network of malware-infected devices used to launch coordinated attacks either against a single target, like during a DDoS attack, or multiple targets like during email phishing attacks. All infected machines in a botnet are remotely controlled by a single cyber attacker that could be located anywhere in the world.

Interview With Pieter Vaniperen

For the newest instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve welcomed Pieter Vaniperen, Managing Partner at PWV Consultants. Pieter is a veteran software architect and security expert who is an industry authority and influencer providing thought leadership and execution to develop widely adopted processes, methodologies, and technologies that are at the forefront of digital innovation and software development.

What are the Four Factors of a HIPAA Breach Risk Assessment?

Modern technology allows the easy collection and distribution of personally identifiable information — and concerns about the unintended distribution of that personal data have led to a wave of data privacy laws around the world. The U.S. Health Insurance Portability and Accountability Act (HIPAA) is one such law, and imposes strict rules on how hospitals, healthcare businesses, and other “covered entities” handle personal health information (PHI).

3 reasons SMBs are more vulnerable to cyberattacks than large enterprises

Details about cyberattacks on small-and-medium-sized businesses (SMBs) may not make it to the headlines, but numerous industry reports and surveys have highlighted the grim reality of the SMB cybersecurity landscape. Even before the COVID-19 pandemic, SMBs were largely targeted by adversaries1.

Webinar Wrap up: Demystifying the cryptic crypto: Compliance and regulations

Cryptocurrency space is maturing, India’s appetite for cryptocurrency is evident, as the country facilitates the highest recipient of remittances globally — more than $83 billion since 2018 every year. With the support of cryptocurrencies, the remittance market is anticipated to soar in India, with cheaper, more efficient methods of sending money.

Why is AT&T adding Web Application Shielding to its Managed Vulnerability Program?

Cybercriminals never sleep. Why? They're too busy looking for application vulnerabilities. In the world of cybercrime, a flawed application is a potential goldmine for them, but an onramp to disaster for most organizations.

Securing Your Package Manager's Lockfiles

Considering our reliance on open source and third party components, it’s nearly impossible to estimate how many open source libraries we’re using, especially with dependency management tools that pull in third party dependencies automatically. Adding to the challenge of keeping track of the open source components that make up our codebase, is the tangled web of transitive dependencies.

Web scanners are evolving to secure modern web applications and their APIs

Tom Hudson (TH), Senior Security Researcher at Detectify, joined the Application Security Weekly podcast to talk about the status quo on web scanners and securing modern web applications. We’ve edited the transcript for brevity and taken some highlights from the pod episode below.