Software vulnerabilities are one of the leading threats to an organization's cybersecurity posture, yet recent research from Bitsight reveals that enterprises affected by software vulnerabilities resolve them at a typical compound rate1 of only about 5% per month compounded continuously. However, there is evidence of much faster remediation for certain classes of vulnerabilities.
In 2022, the adoption of infrastructure as code (IaC) soared, with IaC domain specific languages like HCL, Shell and GoLang gaining popularity and momentum across the open source tools ecosystem. In fact, the rise of Policy as Code is the result of a new paradigm blurring the lines between IT, legal and R&D departments – everything as code. But what do developers have to do with compliance and infrastructure provisioning? What does PaC entail, and what types of PaC are there?
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Analyzing an organization’s security posture through the prism of a potential intruder’s tactics, techniques, and procedures (TTPs) provides actionable insights into the exploitable attack surface.
We’re excited to announce the newest addition to Vanta’s product portfolio, Vendor Risk Management, as well as improvements to Access Reviews, and more updates from April:
Businesses are using more SaaS applications than ever, with an average of 110 apps per organization. This proliferation of third-party applications means increasingly more customer and employee data is handled by external vendors. Ensuring your third-party vendors are secure by tracking risk, conducting reviews, and responding to issues is a security best practice and compliance requirement. Unfortunately, this process is often a manual — and expensive — one.
A new SLP bug potentially enables massive DDoS amplification attacks, Google Ads pushes new BumbleBee malware, and Chinese hackers use Linux malware variants for espionage.
As we witness a growing number of cyber-attacks and data breaches, the demand for advanced cybersecurity solutions is becoming critical. Artificial intelligence (AI) has emerged as a powerful contender to help solve pressing cybersecurity problems. Let’s explore the benefits, challenges, and potential risks of AI in cybersecurity using a Q&A composed of questions I hear often.
Most password managers are very secure and safe to use. Depending on the password manager in question, some offer more security than others. To fully understand the security of password managers you’ll first have to understand what a password manager is.
Organizations are increasingly turning to the cloud in their attempt to become more agile and efficient. Many will choose the Microsoft ecosystem and will need to become familiar with threat detection and response offered by this environment, how these technologies can be leveraged to their full potential, and what should be supplemented to avoid unnecessary risk.
