Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Why Offensive Security Should Be a Top Priority, Not Just a Check-the-Box Compliance Requirement

The following is a guest blog by Lisel Newton, Executive Director, Information Security, Risk & Compliance at Gossamer Bio. When it comes to cybersecurity, too many companies treat offensive security measures, such as Red Team exercises and penetration testing, as mere compliance checkboxes. Gossamer Bio, however, prioritizes offensive security as an integral component of our proactive defense strategy rather than just a regulatory requirement.

The SOC Automation Pyramid of Pain

Patrick Orzechowski (also known as “PO”) is Torq’s Field CISO, bringing his years of experience and expertise as a SOC leader to our customers. PO is a seasoned security veteran with a deep understanding of the modern security landscape. You can find him talking to SOC leaders and CISOs from major brands at cybersecurity events around the world. Why AI-driven Hyperautomation is the answer to your SOC pain.

Stronger Security, Easier Compliance: Why Small Businesses Need a Managed WAF

Small businesses are becoming primary targets for cyberattacks. Attackers know that small businesses often lack the security resources of larger enterprises, making them an easy entry point for data breaches, ransomware, and website takeovers.

How Can Automation and PCAP Visualization Transform Your Network Troubleshooting?

Network troubleshooting was always a crucial but intimidating element of guaranteeing error-free connection and operational proficiency. Packet Captures (PCAPs) are the go-to standard solution for diagnosing connectivity problems, locating network impediments, and uncovering ultimate causes of failure. As strong as PCAPs are, however, traditional manual methods for deciphering them are limited to built-in faults.

Empowering organizations: Identifying and assigning effective risk owners

Effective risk management is crucial for organizational success in the business environment. Central to this process is the designation of risk owners—individuals accountable for identifying, assessing, and mitigating risks within their domains. Assigning the right risk owners not only enhances risk management but also fosters a culture of accountability and proactive problem-solving.

Cyber Risk Quantification Explained: Revolutionizing Security for Hospitals and Healthcare Providers

Cybersecurity is undeniably a critical concern for hospitals and healthcare organizations, as they handle sensitive patient data and are prime targets for cyber attacks. Traditionally, cybersecurity and HIPAA compliance are managed through biannual or yearly audits, which generate a list of items that need remediation to bring the organization into compliance.

M-21-31 logging compliance: Where are we now?

How US federal agencies can better meet advanced event logging requirements For the past four years or so, US federal agencies have been working to comply with the requirements set out in OMB M-21-31. Released in 2021, the Office of Management and Budget (OMB)’s M-21-31 memorandum provided guidance and requirements for federal agencies in order to improve centralized visibility into logging data before, during, and after cybersecurity incidents.

Can Autonomous LLM Agents Exploit One Day Vulnerabilities?

When generative AI first emerged, the cybersecurity community primarily focused on two promising benefits. However, a concerning “third angle” has now been demonstrated: AI as an attacker – powerful AI systems in the hands of malicious actors, autonomously exploiting vulnerabilities with minimal human guidance.

Stateful Firewall: How It Tracks and Blocks Malicious Traffic

Today, when online threats are always changing, it's more important than ever to keep your network safe. Keep your computer safe with a stateful firewall. It keeps an eye on all open links and sorts data smartly based on security rules, state, and context. In real time, stateful firewalls can decide how to protect your network because they keep track of all live sessions. Without a state, filters look at each file separately, which is not the same thing.