In the digital age we live in, attackers are continually developing new techniques to compromise computer systems. However, an attack that was first disclosed over a decade ago at Black Hat USA 2011 is still one of the most common ways we compromise a domain admin account on an engagement.

As organizations continue to re-engineer their data infrastructures to enable efficient, secure productivity for workforces wherever they may be, Netskope is deepening its partnerships with global system integrators who have the experience and worldwide presence to guide those strategic digital transformation projects.

ARx is a healthcare provider based in Kansas. The company specializes in drug delivery systems and works with many different healthcare facilities. During regular work, the company handles patient information and is in charge of healthcare details as well as personal information. According to ARx, it was hacked in 2022, and nearly 40,000 people could be exposed because of the attack.

With more than 2.5 million cybersecurity positions unfilled globally, the cybersecurity field is facing a severe shortage of talent, with an increasing demand for skilled professionals to combat the ever-evolving threats in the digital landscape.

A high-functioning security program leverages data to drive optimization – by satisfying governance, reporting, and compliance (GRC) requirements efficiently, creating visibility for risk-based prioritization, and leveraging automation throughout the software development lifecycle. Often, however, the data needed to drive these processes is spread across a complex ecosystem.

Cyber threat hunting is a proactive security strategy that involves searching for threats within a network before they can cause significant damage. Unlike traditional methods, which are reactive and wait for an alert before taking action, threat hunting seeks to actively identify and mitigate hidden threats that have evaded initial security measures. Threat hunting involves constant monitoring and data analysis to spot suspicious behavior that may indicate a cyber attack.

DevSecOps refers to the integration of security practices into DevOps process. With modern development cycles, you can't afford to leave security until the end. It should be baked in at every stage. Continuous integration, continuous delivery (CI/CD) security is a big part of the DevSecOps picture. It's critical that you secure your pipelines and that the automated systems used to implement CI/CD are not vulnerable to attack.

Security teams rely on vulnerability scanners to proactively locate vulnerabilities in network devices, hosts, and applications. These tools help improve the overall security posture of the network by remediating exposure before bad actors have an opportunity to exploit it. Although incredibly helpful, the data delivered by these tools is often overwhelming and not presented in an actionable manner.

TrustCloud teamed up with Dansa D’Arata Soucia on our Risk Rodeo webinar, to discuss everything you need to know to wrangle up risks with confidence. Our panelists weighed in on the four things that auditors look for in risk management processes.

Welcome to our guide on Security Questionnaires (SQs)! We’ll cover everything you need to know about SQs, including a complete breakdown of what they’re all about, what risk assessments look like from a prospective customer’s POV, and best practices for the vendors responding. Let’s get started!