Conducting regular user access reviews is an effective way to make sure your organization is securing access to critical systems and third-party vendors. Frameworks like SOC 2 and ISO 27001 even require proof of regular access reviews to demonstrate compliance. ‍ Without automation, access reviews are tedious and time-consuming, requiring IT and security teams to manually record user access information in a spreadsheet and take countless screenshots of access permissions screens. ‍

The pace and complexity of AI technologies is increasing every day. In this rapidly changing environment, it’s critical for companies to adopt a rigorous approach to safely and responsibly incorporating AI into their products and processes. ‍ That’s why we’re excited to announce that the NIST AI Risk Management Framework (RMF) is now available in beta.

Zloader returns from hiatus, VexTrio brokers malware for over 60 affiliates, and Kasseika ransomware launches BYOVD attacks.

This month's release roll-up for product updates and enhancements includes AI-driven Document Summaries and Q&A - ‘Ask’ Tab, Advanced Watermarking, and Share File and Folder Links. Below is a summary of these and other new releases. Visit the articles linked below for more details.

Security teams are busier than ever, so it’s no surprise that practitioners are using podcasts to keep up to date with cybersecurity news, ideas, and tools. The data backs this one up - according to the 2023 Voice of the SOC report, 83% of security professionals listen to at least one security podcast. So which podcasts are practitioners listening to? Our report, which surveyed 900 security professionals in the US and Europe, identifies 9 frontrunners.

Since the start of 2024, Egress’ threat intelligence team has seen a 109% increase in Salesforce phishing attacks using what appears to be a legitimate email domain linked to Salesforce that impersonates Meta. Leveraging obfuscation techniques to mask a malicious URL, attackers are attempting to drive users to a very convincing spoof of a Meta ‘Partner Portal’ to harvest their credentials.

Managed security services are growing across all regions. Companies are placing greater emphasis on cybersecurity and traditional MSPs have added these services to their offerings to meet this need.

It’s said that life truly begins when you step out of your comfort zone. Living in California provides me with many options for hiking and trekking, a perfect backdrop for spending time with nature and enjoying it with friends and family. As a hiking and nature enthusiast, I have done many moderately challenging trails in and around the Bay Area – my comfort zone.

Application programming interface (API) security is critical for retailers increasingly reliant on cloud technology. However, they also open potential gateways for cyber threats, making robust security protocols essential to protect sensitive data and maintain customer trust. The complexity of retail systems, which often involve numerous third-party integrations, can create multiple points of vulnerability.

Businesses today are generating vast amounts of data every hour, and harnessing this information strategically is crucial for making informed decisions. Data warehousing plays a pivotal role in this process, providing a centralized repository for organizing, storing, and analyzing data. With a plethora of tools available, it can be difficult to determine which solution is best for you.