A security incident can be the result of a single unauthorised change. A few may say, 'one change is inconsequential, don't sweat the small stuff.' But when it comes to infrastructure security, the detail is of paramount importance! Just a single edit to a single line item can have a negative effect on an entire file or operating system. It's essential to be made aware of any unauthorised file change and to be made aware with haste.

Mobile devices are now an integral part of the way we work, and because of that, mobile security has become a necessity when it comes to protecting an organization’s data. Yet with many IT and security teams already stretched to the limit, the task of incorporating mobile security into their existing operations may seem like an impossible task.

Active Directory (AD), a Microsoft Windows directory service, helps maintain a robust security perimeter within enterprise environments. It helps your business enforce security policies, assign permissions and mitigate security risks within the network. Let’s say your business’s IT infrastructure is a fortress, wherein AD acts as the gatekeeper controlling who enters and what they have access to.

Cyber attackers relentlessly scour online resources for vulnerabilities, particularly within software solutions. Despite the best efforts of dev teams and quality assurance processes, maintaining a defensive edge is a relentless challenge. Unfortunately, vulnerabilities persist, especially in trusted software solutions used by companies as the cornerstone of their cybersecurity posture, such as privileged access management (PAM).

For the third year in a row, manufacturing was the most attacked industry according to IBM X-Force incident response data. Phishing was the top initial infection vector, used in 39% of incidents, and malware was deployed in 45% of attacks. In 2023 alone, manufacturing organizations in the semiconductor, building, automotive, industrial controls systems, boating and consumer packaged goods industries suffered significant attacks.

In case you missed it, Netskope was once again named a Leader in the Gartner Magic Quadrant for Security Service Edge (SSE), placed highest in Ability to Execute and furthest in Completeness of Vision. 2024 is the third year in a row that Netskope has been named a Leader in this important Magic Quadrant and the second year to be placed Highest in Execution and Furthest in Vision.

At Bitsight, part of the Vulnerability Research team's core work involves analyzing vulnerabilities in order to create detection capabilities that can be implemented on an Internet-wide scale.

The use of artificial intelligence (AI) for defense allows for the better scanning of networks for vulnerabilities, automation, and attack detection based on existing datasets. However this is all in defense against an unknown attacker, who can have varying offensive tools all designed to overcome the most sophisticated defense. Is the biggest challenge for defensive AI that there is an offensive AI operator with unknown capabilities? And has offensive AI lowered the barrier of entry for bot attackers?

In this episode of Trust Issues, we dive into the complex and rapidly evolving world of cyber insurance. We discuss the challenges and opportunities facing companies seeking to protect themselves from the ever-present threat of cyberattacks.

You know your latest web application is inherently vulnerable to all kinds of attacks. You also know app security can never be perfect, but you can make it better tomorrow than it was yesterday. The problem is that whether you’re using enterprise-grade (aka, expensive and complex) security tools, or have cobbled together a handful of open-source projects into a CI/CD pipeline or Git commit hooks and are hoping for the best, your toolkit can’t help you see.