Will NIST’s cybersecurity labeling for consumer software and IoT products help us achieve better security? Our experts weigh in. If one of the goals of President Biden’s May 2021 “Executive Order on Improving the Nation’s Cybersecurity” is fulfilled, you’ll be able to look for a quality and security assurance label on any software product you consider buying.

Bruteforce and stolen credentials are prime reasons for a data breach. New data recently released shows that setting strong passwords might not be enough in an increasingly volatile cybersecurity landscape. Find out why you need to prioritize user password security.

This three-part blog series will explore threat-based methodology and how it benefits every company with a network. The series leverages the analysis presented by the Federal Risk and Authorization Management Program (FedRAMP) Program Management Office (PMO) in conjunction with the National Institute of Standards and Technology (NIST).

We were once newcomers to the security research field and one of the most annoying problems we ran across was how to get a CVE published. After all, what good is it to find a juicy vulnerability if you can’t get the word out to others? So, as a resource to help our fellow researchers, we decided to put together a CVE publishing guide based on our experience, and honestly a lot of good old trial and error.

Over recent months, the CrowdStrike Falcon OverWatch™ team has tracked an ongoing, widespread intrusion campaign leveraging bundled.msi installers to trick victims into downloading malicious payloads alongside legitimate software. These payloads and scripts were used to perform reconnaissance and ultimately download and execute NIGHT SPIDER’s Zloader trojan, as detailed in CrowdStrike Falcon X™ Premium reporting.

The Common Vulnerability Scoring System (aka CVSS score) provides a numerical (0-10) representation of the severity of an information security vulnerability.

Machine learning (ML) detections are a powerful tool for detecting emerging threats when we don’t yet know what we’re looking for. The power of anomaly detection is the ability to detect and provide early warning on new threat activity for which rules, indicators, or signatures are not yet available.

Cyber attacks are an ever–present threat and hackers continue to develop more sophisticated ways to gain access to business data. Organisations host a vast amount of sensitive information online that can be exploited by cybercriminals if left unprotected. With the way business is conducted, including an increase in remote workers and migration to the cloud, businesses need to implement strong security controls to bolster their cyber posture and secure their data.

Since our inception, Sumo Logic has been laser-focused on delivering real-time machine data analytics to accelerate digital transformation, while helping businesses effectively build, run, and secure their modern applications and infrastructure—in the cloud or in hybrid environments.

Brilliant business ideas are driven by brilliant entrepreneurs. Enter Feroot’s own Ivan Tsarynny, CEO and Vitaly Lim, CTO, whose vision to improve client-side or “front-end” security for businesses around the globe resulted in the closing of $11 million in seed funding led by True Ventures. Feroot will use the funds to meet growing demand for client-side security solutions by accelerating product development and go-to-market initiatives.