Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

* Explore some of the top use cases for which our on-demand CRQ platform is utilized, walking through the specific features and how to leverage them for each of the use cases. These use cases include high-level communication and board reporting, insurance optimization, budgeting, and additional resource justification.

On June 15, 2024, half a year after the SEC's cybersecurity regulations were enacted, smaller organizations—those with a public float under $250 million or annual revenue under $100 million—were finally subject to report material cyber events on Form 8-K, Line 1.05. However, as the larger entities have already demonstrated, determining materiality can be complex, requiring stakeholders to consider financial loss, compromised data records, operational impacts, and more.

In this video, we cover strengthening password security, the first layer of defense.

Are layoffs increasing your cybersecurity risk and driving your team to burnout? This episode looks into the psychological underpinnings of infosec to navigate turbulent times at work.

Justin Bollinger, Principal Security Consultant at TrustedSec, discussed his research and mitigation guidance on ADCS ESC15 (CVE-2024-49019), also known as EKUwu, a vulnerability in Microsoft's Active Directory Certificate Services.

Watch the full video for more...

This week on the podcast, Marc Laliberte and Corey Nachreiner dive into a research white paper that explores how attackers could use AI to execute a full-scale money or credential theft scam from start to finish. Before that, they discuss Sophos's five-year battle with Chinese hackers targeting network devices, followed by a conversation about Microsoft’s ongoing fight against password spray attacks through compromised network devices.

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

ARMO, a cloud-native security company, has been able to strengthen its security posture and ensure the protection of its client's data, thanks to GitGuardian. The company's CTO and co-founder, Ben Hirschberg, shared his experience of how GitGuardian has helped them close a significant security gap and instill a culture of security awareness throughout the organization.

Why don’t we treat the information we consume online with the same care as the food we put in our bodies? To unpack this question and much more, we're joined by Vladimir Prelovac, founder and CEO of privacy-focused search engine Kagi. Tune in as we dive into the true cost of free search engines, how Kagi is disrupting the landscape, and the impact of AI on the future of search. If that wasn't enough to get you reaching for your headphones, we discuss chatbot woes and ransomware records in Watchtower Weekly. Plus, we live up to our name by randomly discussing biscuits in.