Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Cybersecurity Maturity Model Certification (CMMC) program is aligned to DoD’s information security requirements for Defense Industrial Base (DIB) partners. It is designed to enforce protection of CUI (Controlled Unclassified Information) shared by the Department with its contractors and subcontractors.

When creating a new password, you know the drill – it must be at least eight characters long, contain special characters and avoid sequential characters or be based on dictionary words. Although these requirements can be a pain in the neck and seriously hamper end user experience, they are not a sign of officious IT security teams.

An effective detection and response capability is essential for monitoring key assets, containing threats early and eradicating them. However, due to the current disparate nature of potential attack vectors within an organization, affording the wide range of sensors necessary can be a challenge as well as the worry of the disruption of critical services. Yet, without robust detection and response processes, businesses are left vulnerable.

The security of our mobile gadgets is more important than ever due to the volume of mobile devices we carry, wear, and work with daily. Our mobile devices are a gold mine of apps that we rely on to protect our data and help us in our personal and work lives. Nevertheless, it is because of the vast amount of data and information we hold on these devices that makes them a target for cybercriminals.

Biotech companies face an era of opportunities and challenges as data volumes explode and technology rapidly evolves. The pressure to enhance collaboration and efficiently manage data is immense. This article explores how innovative biotechs leverage platforms like Egnyte to transform their operations.

Google, Amazon Web Services & others recently disclosed a vulnerability in HTTP/2 protocol, which is being tracked as “CVE-2023-44487”. The flaw lies in how the HTTP/2 protocol was implemented to increase the efficiency of transmitting various messages between endpoints by “Stream multiplexing”.

Cisco has released an advisory, acknowledging active exploitation of a previously unknown vulnerability, which is tracked as CVE-2023-20198, in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access, which is the highest level of access.

In an age characterized by digital transformation, APIs serve as the backbone of modern applications, enabling diverse systems to communicate and share data seamlessly. This widespread API adoption, however, exposes organizations to a considerable attack surface, inviting the attention of cyber adversaries searching for vulnerabilities to exploit.

Extended detection and response (XDR) is a technology approach that aims to provide holistic protection of endpoints. XDR technology is able to: In this in-depth article, let’s look at how XDR solutions work and what they help with. We’ll also look at limitations inherent in XDR and how they compare to other security tools, like SIEM and SOAR.

Phishing tests are the catalyst to achieve a sustainable security culture within your organization. They are actually the start of a virtuous cycle that helps you move up to the highest maturity level. The cycle initiates with Awareness. Phishing tests offer a real-time view into your employees' understanding of phishing threats. They expose your workforce to simulated phishing attempts, making the threat real to them. The immediate feedback from these tests highlights areas for improvement.