A Readiness Assessment in general is an evaluation process that suggests whether or not an organization is compliant with a specific standard/regulation. The assessment helps determine gaps in security controls and demonstrates the effectiveness of controls to achieve compliance. The assessment works as a guide to identify and address the potential gaps in controls. The readiness assessment basically works as a test run for organizations looking to achieve compliance.

IAM (identity access management) involves numerous IT practices to enforce identity authentication and verification. But Web3 could change how we use the internet by simplifying data protection and IAM procedures. Two factors contribute to the need for authentication practices that are both fast and accurate. One, rising cyber threat activity, and two, infrastructure changes and complexity. Now, IT teams need new ways to authorize identity credentials to adapt to an evolving environment.

The rapidly expanding attack surface often requires security teams to deep dive into their Internet-facing assets, such as root assets and associated subdomains. Conducting these reviews can be time-consuming for security experts, particularly if they have a large attack surface made up of hundreds – or even thousands! – of subdomains. We’ve now made it possible for users to filter their attack surface by a root asset.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Not restricted to NPM, Python for example has had many issues lately, but no matter which language you use that has an online code repository, careful selection is becoming critically important.

During the recent Rootedcon conference in Spain, we delivered a talk about ransomware, and this blog post serves as a commentary of the insights presented about Ransomware as a Service (RaaS): how it really works; how the threat actors operate these attacks; and how organizations can analyze the attacks and take preemptive measures in the event of future attacks.

Selling to the Department of Defence or dealing with Export Controlled material? Discover how to manage the information security and compliance of ITAR and other regulated data.