Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2024

CVE-2024-9264 - Grafana's SQL Expressions Vulnerability

A critical vulnerability, CVE-2024-9264, has been discovered in Grafana, the open-source analytics and visualization platform widely used by organizations worldwide. According to Netlas.io, over 100,000 Grafana instances may be vulnerable globally, with nearly 19,000 in the U.S. alone. This vulnerability poses significant risks, enabling remote code execution (RCE), allowing attackers to execute arbitrary system commands and access sensitive files.

OWASP Top 10 Vulnerabilities in 2021: How to Mitigate Them?

The OWASP Top 10 is a research-based document that raises awareness among developers, organizations, and security professionals on the most critical security risks facing web applications. The latest is the OWASP Top 10 vulnerabilities 2021, released in September 2021 after a 4-year gap. In this article, the OWASP Top 10 vulnerabilities 2021 are explained in detail, along with ways to mitigate each.

7 Strategies for CISOs to Manage Compliance Efficiently

From GDPR in Europe to CCPA in California, compliance officers and CISOs face a deluge of regulations, standards, and requirements. With every country, industry, and regulator demanding different levels of control, how can teams manage these complex requirements efficiently? In a recent virtual panel discussion, I had the opportunity to join Ashish Tandon, Founder & CEO of Indusface, where I highlighted essential strategies for CISOs to navigate these compliance complexities efficiently.

Detect and Protect Strategies for Malware Free Websites and APIs

Over 1 billion known malware threats exist, with an alarming 17 million new variants emerging each month! Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting. In this webinar, join Vivekanand Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.