When most people think of threat hunting, they think of uncovering unknown threats. Would you believe me if I told you that is only ONE of many (better) reasons to show value with threat hunting? The PEAK Threat Hunting Framework incorporates three distinct hunt types: hypothesis-driven, baseline and model-assisted threat hunts. Each hunt type follows a three-stage process: Prepare, Execute, and Act.

Anyone who has played a Tower Defense-style game, (Plants Vs. Zombies being a favourite) knows the only way to hold off the hoard of brain-eating zombies is to know your weaknesses before the next wave attacks and to plan accordingly. Oddly, preparing a cybersecurity defense is somewhat similar: the player/organization knows attacks are coming, they have an idea from where and how they will be conducted, and they need to place the proper pieces on the board at the right place to stay safe.

Callback phishing isn't your typical email scam. Instead of the usual suspects with bad grammar and obvious malicious links, these attacks play mind games. They set up a multi-layered trap using some smooth-talking tactics to get you to dial a fake number and spill your sensitive info.

Parallels between the history of open source and the rise of AI in software development can teach us valuable AppSec lessons. The front page news about generative artificial intelligence (GAI) taking over software development from poor human developers has waned a bit. But there is no doubt that the technology will continue to transform the software development space over time.

A Web Application is a software program that runs on a server and enables users to interact with the application over the internet. It allows users to perform tasks such as creating accounts, logging in, accessing data, managing content, and more. Web applications are designed to be dynamic and user-friendly while providing secure access to information or services.

The Keeper team had an amazing time at the 2023 Black Hat security conference in Las Vegas. We met with partners, prospects, friends, vendors, and of course, our incredible customers. Over the span of two days we talked to thousands of people and collected valuable data on a number of critical topics. In fact, we generated a mountain of data about what cybersecurity professionals want from password and privileged access management solutions.

Malware utilizes a multitude of techniques to avoid detection, and threat actors are continuously uncovering and exploiting new methods of attack. One of the less common techniques includes the exploitation of the Windows Restart Manager. To stay ahead of malicious authors, it is important to be aware of them and understand how they work.

Repairing a weakness in your IT environment is always easier than dealing with the consequences of that weakness — like, say, a massive data breach — sometime later. This means your security team must be proficient at finding those weaknesses and assessing your IT environment’s vulnerabilities. Those vulnerabilities can include weak passwords, poor patch management, and lax security training.

Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain. Supply chain risk extends past those suppliers with whom you’re doing business directly. Beyond your third-party suppliers are their suppliers, and the supply chain continues branching out from there. In today's connected world, organizations must not isolate their supply chain risk management.

DuoLingo is a massive language learning service that provides lessons to more than 74 million users around the world. The service offers short language lessons via a set of apps and is designed to help users learn new languages. Duolingo doesn't store a huge amount of information about its users, but it does have enough data on its users for it to be problematic if the information is lost.