In this series, you’ll hear directly from Vanta’s Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta — and most importantly, our customers — secure. ‍ The following post comes from our Security Team and explains our approach to threat modeling. ‍ ‍

Our most recent product and feature release further secures software supply chains, extends Tanium’s single view of endpoint data to additional ARM-powered devices, and expands the capabilities of our Risk & Compliance solution.

Cloudflare has done several deep dives into Zero Trust performance in 2023 alone: one in January, one in March, and one for Speed Week. In each of them, we outline a series of tests we perform and then show that we’re the fastest. While some may think that this is a marketing stunt, it’s not: the tests we devised aren’t necessarily built to make us look the best, our network makes us look the best when we run the tests.

A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, telecommunications, and technology industries, according to researchers at Palo Alto Networks’ Unit 42.

Strong, resilient security operations require the proper melding of people, technology, and processes to achieve the goal of reducing the likelihood and impact of cyber threats. The right security operations center (SOC) will strengthen the overall security resiliency of an organization. The wrong one will tax your team — leading to mistakes, breaches, and losses.

Open source code is a vital aspect of modern development. It allows developers to increase their application’s functionality, while reducing overall development time. However, the system isn’t perfect. The nature of third party software and it’s dependencies often creates opportunity for security vulnerabilities to lurk in libraries and downloads.

On June 12th, Salesforce announced ‘AI Cloud,’ which aims to embed generative AI capabilities throughout their market leading CRM tool in an effort to enhance productivity for all Salesforce CRM users. The announcement features eight different sections: Sales GPT, Marketing GPT, Slack GPT, Flow GPT, Service GPT, Commerce GPT, Tableau GPT, Apex GPT.

Yes, your WiFi provider – also called an Internet Service Provider (ISP) – can see what you search and what sites you visit, even when you’re in incognito mode. The owner of the router will also be able to see what you search in the router logs. Incognito mode only prevents your site visits from being saved to your browser history. Read on to learn more about how incognito mode works and who can see your search history.

Keeper Security partnered with Brigantia almost three years ago to focus on growing our business in the UK and Ireland MSP markets. It was an honour to re-join forces for a productive afternoon in London for an informative workshop with current partners. Brigantia’s Sales Director, Angus Shaw, and Keeper Security’s Global Channel Director, John Andrews, led the charge, with Padraigh Conway, our Lead EMEA Sales Engineer, providing detailed best practices sessions.

To manage cybersecurity risks effectively and maintain a strong defense posture, organizations need a clear understanding of their security program and the ability to measure their progress toward key objectives. Enter key performance indicators (KPIs), a mechanism that allows organizations to gauge and track their cybersecurity effectiveness.