%term

Cybersecurity Is (Still) Everyone's Job

Nov 18, 2018 By Maurice Uenuma In Tripwire

As noted previously—and as we all know—an organization cannot be secure until the entire workforce is engaged in reducing cyber risks. Each member of the group has the power to harm or to help, since each one has access to information systems, handles sensitive data and makes decisions every day which maintain, erode or strengthen the human “attack surface” of the organization.

Read Post

Tripwire

Read more about Cybersecurity Is (Still) Everyone's Job

Vulnerability scans vs Penetration tests

Nov 16, 2018 By Joseph Poppy In Bulletproof

You’ll often find that ‘vulnerability scan’ and ‘penetration test’ are wrongly used interchangeably, creating confusion about which is the right security choice for businesses. Broadly speaking, a vulnerability scan could be thought of as a surface-level security assessment, whereas a penetration test delves that much deeper. In fact, penetration testers often make use of a vulnerability scan as part of their process.

Read Post

Bulletproof

Read more about Vulnerability scans vs Penetration tests

Weekly Cyber Security News 16/11/2018

Nov 16, 2018 By Kevin In ionCube24

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Quite an interesting stream of news this week, however, my choices this week focus on threat management. The first one, and its quite alarming and not at all funny, shows an example of someone didn’t accept reasonable proof of account ownership for a password reset – something many of us face with public websites.

Read Post

ionCube24

Read more about Weekly Cyber Security News 16/11/2018

Defending Against Zero-Day Attacks with AlienVault USM Anywhere

Nov 15, 2018 By Rich Langston In AT&T Cybersecurity

Recently, an AlienVault customer reached out to ask how AlienVault handles the detection of zero-day attacks, which are exploits against previously unknown vulnerabilities. In this blog, I shed light on how we approach this.

Read Post

AT&T Cybersecurity

Read more about Defending Against Zero-Day Attacks with AlienVault USM Anywhere

Demo - Continuous security assessment for AWS

Nov 15, 2018 By Netskope In Netskope

Netskope’s Continuous Security Assessment for AWS helps address the risk tied to misconfigurations that may lead to resources being inadvertently exposed to the internet. Netskope achieves this by continuously monitoring and auditing your AWS configuration, using the CIS benchmark, PCI-DSS, in addition to AWS best practices, to assess your compliance posture.

View Video

Netskope

Read more about Demo - Continuous security assessment for AWS

Demo - Insider threat protection for AWS S3

Nov 15, 2018 By Netskope In Netskope

Learn more about Netskope for IaaS at netskope.com

View Video

Netskope

Read more about Demo - Insider threat protection for AWS S3

The Art and Science of Secure Coding: Key Practices that Stand Out

Nov 15, 2018 By Tripwire Guest Authors In Tripwire

Flaws in code lines, file system and data input methods make up the core security vulnerability of any application. This is what we address through secure coding practices. Secure coding guidelines stand out as the last battling army before the enemy line of security risks and threats.

Read Post

Tripwire

Read more about The Art and Science of Secure Coding: Key Practices that Stand Out

Top 10 PCI DSS Compliance Pitfalls

Nov 14, 2018 By Sanjay Ramnath In AT&T Cybersecurity

Despite the fact that PCI DSS has been in effect for over a decade, and most merchants are achieving compliance, some of the world’s largest retailers have been hit by to data breaches. The sad truth is that achieving compliance doesn’t guarantee data protection, even for large organizations. For example, more than five million credit card numbers were stolen in 2018 hacks of two major retailers.

Read Post

AT&T Cybersecurity

Read more about Top 10 PCI DSS Compliance Pitfalls

Getting started with Detectify

Nov 13, 2018 By Detectify In Detectify

Detectify is an automated vulnerability scanner that helps you stay on top of threats by testing your web application for 1000+ vulnerabilities. Getting started with Detectify is easy - you can get up and running in a matter of minutes.

View Video

Detectify

Read more about Getting started with Detectify

Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Nov 13, 2018 By Detectify In Detectify

A recent vulnerability was sent in to Detectify Crowdsource regarding an unauthenticated remote code execution (RCE) in Oracle WebLogic Server. It is easily exploited and this video shows the proof of concept.

View Video

Detectify

Read more about Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Cybersecurity Is (Still) Everyone's Job

Vulnerability scans vs Penetration tests

Weekly Cyber Security News 16/11/2018

Defending Against Zero-Day Attacks with AlienVault USM Anywhere

Demo - Continuous security assessment for AWS

Demo - Insider threat protection for AWS S3

The Art and Science of Secure Coding: Key Practices that Stand Out

Top 10 PCI DSS Compliance Pitfalls

Getting started with Detectify

Proof of Concept: CVE-2018-2894 Oracle WebLogic RCE

Monthly Archive

Follow Us