Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Tines for governance, risk, and compliance: Mastering GRC with workflow automation and orchestration

Unlock the secrets to staying ahead in the ever-evolving world of governance, risk, and compliance (GRC) in our upcoming webinar. In this webinar, we will share an overview of the current GRC landscape and the transformative potential of workflow automation and orchestration. During the webinar, we discussed: Whether you're a seasoned GRC professional or just beginning to explore workflow automation and orchestration, this webinar offers essential insights and actionable strategies to help you navigate the complexities of GRC in today's dynamic environment.

Choosing the Right Deployment Option for Your API Security Solution

You need an API security solution. That much is a given (although some may argue it isn’t!). While essential for business growth and innovation, APIs, or Application Programming Interfaces, expose the organizations that use them to cyber threats. Attackers are both aware of and actively exploiting this fact: Wallarm recently revealed that attacks on APIs impacted 98.35 million users in Q2 2024.

Disable Data Execution Prevention

Data Execution Prevention (DEP) is a Windows security feature that protects systems by preventing code from executing in memory areas designated for data storage. By ensuring only authorized programs can run in specific memory regions, DEP helps block malicious software, such as viruses, from executing harmful code. It operates at both hardware and software levels, monitoring memory usage to prevent exploits like buffer overflow attacks.

Cyber Essentials certification cost and related expenses: A detailed breakdown

The Cyber Essentials assurance scheme is one of the best accreditations you can obtain for improving your organization's cybersecurity posture and reducing the risk of cyberattacks. It offers a robust set of controls you can implement to fortify the security of your data, systems, and other IT assets and build greater trust with your stakeholders.

CVE-2024-47610: Stored XSS Vulnerability in InvenTree

Astra Security identified a vulnerability in the InvenTree Inventory Management System on October 2nd, 2024, which has since been patched. This vulnerability, CVE-2024-47610, is stored cross-site scripting (stored XSS) that targets versions of InvenTree below 0.16.5, where ‘Markdown,’ in the Notes feature, can enable attackers to run code. Cross-site scripting vulnerabilities allow a hacker to inject HTML code into an application and affect the users who intercept the code.

Introducing Landscape Mode, Passphrases and Other Improvements to KeeperFill

Introducing Landscape Mode, Passphrases and Other Improvements to KeeperFill Intro KeeperFill is Keeper’s powerful, autofilling feature that works across all devices, allowing you to automatically and securely fill your usernames, passwords, passkeys, 2FA codes and more into the sites you visit.

Who's Responsible for Your Security?

Antivirus, malware protection, email security, EDR, XDR, next-generation firewalls, AI-enabled analytics – the list of protective controls and vendors appears to go on forever. Each day, bad actors discover new attack vectors that provide them with new roads to create chaos and destruction. News of data leaks, breaches and exposures has reached the point where it leaves most people numb and apathetic.

EP 63 - Jailbreaking AI: The Risks and Realities of Machine Identities

In this episode of Trust Issues, host David Puner welcomes back Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, for a discussion covering the latest developments in generative AI and the emerging cyberthreats associated with it. Lavi shares insights on how machine identities are becoming prime targets for threat actors and discusses the innovative research being conducted by CyberArk Labs to understand and mitigate these risks.