Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Research shows many companies now own and operate more than 60 disparate security tools, yet breaches continue to make headlines. Throwing more tools at the problem is a tactic that simply doesn’t work and— with trends pointing toward tighter security budgets—may not even be possible anymore. Security leaders are now in a position that requires them to ask tough questions and carefully scrutinize new security tools before pulling the trigger on purchases.

We’re incredibly excited to introduce labs, a new space in the 1Password apps that lets customers test new experimental features to help influence the future of 1Password.

For security teams managing their enterprises’ privileged access management (PAM) programs, times have changed and what’s considered a privileged or high-risk account has drastically shifted. In turn, the way organizations not only manage privilege, but comprehensively secure it, must also shift. Historically, organizations have managed their PAM programs by vaulting and rotating credentials on privileged accounts.

CISA added CVE-2023-24489 to the Known Exploited Vulnerabilities Catalog in August 2023. CVE-2023-24489 is an access control vulnerability impacting the use of Citrix ShareFile StorageZones Controller version 5.11.24 and below. Citrix ShareFile is a real-time collaboration platform. While ShareFile primarily offers a cloud-based file-sharing application, there are some features that accommodate data storage through the use of a storage zone controller.

M&T Bank was established in 1856 and is one of the largest banks in the US. It is based in Buffalo, New York, and currently has over 1,000 branches in 12 separate states. The bank houses data for hundreds of thousands of individuals, and some of that information may be at risk because of a recent breach. Learn all about the 2023 M&T Bank data breach below.

At Tines we drink our own champagne. The tines@tines blog series is a testament to the unique ways we’ve leveraged Tines to accelerate our own processes. As the title implies, this post is about how we built a self-service free trial process using Tines.

In my previous blog post, I looked at how software supply chain attacks work and what you can do to assess and analyze your security posture. Now, let’s figure out how to use the resultant information to harden your software supply chain against threats.

We recently discussed the new SEC rule requiring all registered companies to report material cyber incidents within four (4) days.

As technology advances and the use of biometric data becomes more prevalent, it is crucial to address the privacy concerns and regulatory compliance associated with this sensitive data. The General Data Protection Regulation (GDPR) plays a key role in safeguarding individuals’ privacy rights and ensuring the responsible handling of biometric data. Artificial Intelligence (AI) can also be utilized to ensure compliance and responsible handling of biometric data.

As the threat landscape evolves, so must the methods and tools to safeguard critical digital assets. Vulnerability management programs that were once considered the gold standard are starting to show limitations in their ability to address complex cyber risks.