CREST accreditation is a good place to start – a ‘stamp of approval’ for a high-quality penetration test. But what does it mean to be CREST-approved, and what differentiates CREST penetration testing from other assessments? Read on to find out.

We're excited to announce the introduction of Exact Data Match (EDM) to Cyberhaven’s suite of Data Loss Prevention (DLP) capabilities. Although EDM technology has been in use since the 2000s, Cyberhaven is adapting and advancing this technology to meet the demands of today’s data security challenges. Read on to learn more!

Identity and access management (IAM) plays a crucial role in security by helping to ensure that each user in the organization has access to only the data, systems, and other resources they need to do their job. This article explains the critical functionality of IAM solutions and how an IAM assessment can help you uncover essential risks to security, compliance, and business continuity. Then, it offers IAM best practices and guidance on choosing the right IAM solutions for your organization.

The Digital Operational Resilience Act (DORA) is a robust cybersecurity regulation in the European Union (EU) taking effect next year. It is designed to help protect against evolving digital threats to financial systems. Like GDPR, the scope of DORA isn’t only limited to financial services companies and banks. Service providers in Information, Communications and Technology (ICT) and third-party vendors are also on the hook. If you haven’t been preparing, the time to be is now.

Cybersecurity and threat preparedness may be at the forefront of your mind, and you may have protections in place against more common threats. Yet, as these threats continue to evolve, vigilance and adaptation are crucial for construction and manufacturing organizations.

Like everything we do, our devices have become a valuable asset in managing our lives. One of the most important things we all have to manage is our finances, and mobile banking has become the new norm for many of us to: The number of people relying on online banking is steadily increasing. By 2025, the number of people managing their finances is projected to reach 217 million. For this reason, mobile banking security is crucial to prevent cyber criminals from emptying your accounts.

Workplaces have evolved. While hybrid and remote work existed before COVID-19, these working arrangements became even more prevalent during and after the pandemic. Today, workplaces offer the flexibility for employees to work and access company resources from anywhere worldwide, with the Server Message Block (SMB) protocol at the center of this.

SQL injection vulnerabilities may affect any website or application that employs an SQL database, such as MySQL, Oracle, SQL Server, or others. Malicious actors may use them to gain unauthorized access to sensitive information, such as customer information, personal data, trade secrets, and more. For example, SQL injections were responsible for 23% of global vulnerabilities in 2023, Moreover, 19% of the internet faces cross-site scripting (stored) attacks.

In late February of this year, Change Healthcare experienced a massive ransomware attack. The company, a subsidiary of United Healthcare, is the largest clearinghouse for insurance billing and payments in the U.S, processing 15 billion medical claims each year.