Here are three examples that are worth your attention. Oh, what could have been avoided.
|
By Vincent Saporito
Over the past three years, the second Tuesday of each month has turned into a hectic period of planning and remediation, driven by a 25% average annual growth rate in CVEs. Just last Tuesday, Microsoft revealed a critical TCP/IP remote code execution (RCE) vulnerability in the IPv6 stack, which has a CVSS score of 9.8 due to its criticality and ease of exploitation. For a more in-depth look, we recommend these resources.
|
By Rik Ferguson
In a never-ending effort to do their job and secure their environments, cybersecurity teams often bear the brunt of negative perceptions, labelled as the department of ‘No.’ “No” to admin privileges, “No” to personal devices, and “No” to connecting unapproved technologies. These repeated denials, although done with the best intentions, can stifle innovation and create frustration within organizations. This perception needs to change.
|
By Don Sears
This week, the National Institute for Standards and Technology (NIST) released “Implementing a Zero Trust Architecture (NIST SP 1800-35)” for public comment. The guide is written by NIST’s National Cybersecurity Center of Excellence (NCCoE) in collaboration with 24 cybersecurity companies. Now in its fourth draft, NCCoE has opened up comments for this Zero Trust Architecture (ZTA) guide through Sept. 30, 2024, as part of a 60-day review cycle.
The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.
In the last few weeks, there have been a few announcements made about a new malware threat known as FrostyGoop or BUSTLEBERM (as it was originally tracked by Mandiant). It is being recognized as the first custom malware to integrate Modbus for the purpose of causing physical damage. An associated incident has been reported where the malware was used to disrupt heating in Ukrainian homes in the context of a Russian cyberattack.
|
By Daniel dos Santos
Ransomware risk is top of mind for citizens and CISOs alike. From the board room to the room known as the ‘SOC’, everyone is feeling the pain of disruption. Being locked out of a system and forced back to pen and paper is shocking to our working lives. Too often, it is delaying a much-needed surgery or forcing manual intervention where a digital avenue was easy and efficient. But the effects of ransomware don’t appear to be going anywhere soon.
|
By Michael Bacon
No one feels the pain of ransomware and other disruptive and costly digital cybersecurity attacks more than the people managing the day-to-day in your SOC (Security Operations Center). At 13 attacks every second in 2023, cybercriminals, fraudsters and nation-state hacktivists are overwhelming SOC analysts. Nearly two-thirds (63%) of SOC analysts report the size of the attack surface has increased. At the same time, CISOs and SOC managers are struggling to handle on-the-job analyst burnout and turnover.
Wipers are malware that delete data on a device or make it inaccessible. They can be used for sabotage, to destroy evidence of an attack or simply to make a device unusable. IoT wipers often rewrite important parts of the firmware of an IoT device, rendering that device useless, so they are also known as “brickers”. Recent notorious examples of IoT wipers are AcidRain which was used by a Russian APT to brick satellite modems in Europe at the outset of the Russian invasion of Ukraine in 2022.
|
By Rhonda Holloway
Network Access Control (NAC) has undergone significant advancements since the beginning, continuously adapting for cybersecurity threats and technological innovation. As organizations embrace BYOD (Bring Your Own Device) and IoT/OT (Internet of Things/Operational Technology), vendors have transformed traditional NAC solutions to meet these new demands while maintaining a balance between usability and security.
In this conversation, Forescout CEO Barry Mainz sits down with Dr. Chase Cunningham, also known as “Dr. Zero Trust,” to unpack why Zero Trust is often harder to implement than expected in real-world environments. They also explore what changes when Zero Trust becomes universal (UZTNA)—extending across every connection, every asset, and every environment.
Mythos has elevated cybersecurity concerns, but it does not need to change the playbook completely.
At the 2025 RSA Conference, Justin Foster joins Zeus Kerravala to break down where AI in cybersecurity is actually delivering value and where it’s falling short. As security teams deal with growing complexity, many are finding that today’s AI tools create as much friction as they solve. This conversation explores how a shift toward agentic, skills-based AI can help teams move faster, reduce noise, and focus on what really matters.
Claude Mythos is an AI model capable of finding and chaining zero-day vulnerabilities at scale. That changes how attacks happen, especially in environments where you can’t patch fast enough. The Forescout 4D Platform with VistaroAI helps organizations respond with real-time visibility and dynamic control across all connected devices.
Third-party and supply-chain cyber risk has become one of the most urgent challenges facing healthcare organizations today. In this session, Forescout leaders discuss how hospitals can respond to vendor compromises and prepare for the next incident.
Traditional, IP‑based segmentation can’t keep up with today’s hybrid networks. In this video, learn why visibility, device identity, and risk context are essential to segmenting modern IT, OT, and IoT environments — and how Forescout is redefining segmentation for the way enterprises actually operate.
In this conversation, Forescout CEO Barry Mainz is joined by Dr. Chase Cunningham, also known as Dr. Zero Trust. Together, they will explore why Zero Trust feels harder than promised in real-world environments and what changes when you make Zero Trust universal (UZTNA): every connection, every asset, every environment.
Cybersecurity moves fast and your environment moves even faster. Forescout VistaroAI helps security teams keep up by instantly analyzing changes across your network and surfacing the risks that matter most. Instead of drowning in dashboards and alerts, Forescout VistaroAI gives you: VistaroAI turns continuous change into clear, actionable intelligence, helping teams stay ahead of threats with confidence.
Forescout VistaroAI shows you what changed, what matters, and what to do next — instantly.
Meet Forescout VistaroAI, the first skills‑based agentic AI for cybersecurity. Forescout VistaroAI I thinks like a security expert, not a chatbot. It uses cybersecurity‑specific, preprogrammed skills to analyze anomalies, interpret posture changes, and automatically highlight affected assets. It eliminates the need for prompt engineering, providing role-based automation with human-in-the-loop control. The result is faster, more accurate decisions, and clearer starting points for real investigations.
|
By Forescout
The IT landscape is rapidly evolving to meet the demands of our digitally transforming world and a radically changed business environment that calls for always-on performance and agility at scale. As a result, client-server computing has given way to disruptive IT architectures that reshape business and ownership models. These include private and public cloud services, 'bring your own device' (BYOD), mobility and the Internet of Things (IoT).
The NERC CIP standards are a set of mandatory requirements for North America's bulk electric system.
|
By Forescout
They are designed to secure the assets of these essential services. There are 11 standards in total, covering everything from the protection of critical cyber assets to security management, personnel & training, incident reporting, and recovery planning. In this free eBook we explore how the continuous network monitoring capabilities of eyeInspect can streamline your compliance with these NERC CIP standards, saving you considerable time and money.
|
By Forescout
That's because perimeter-focused security architectures that default to high trust levels on the internal network are ill-suited for an edgeless enterprise that increasingly supports mobile and remote workers as well as vast numbers of IoT devices. This Forescout white paper explains why visibility is essential for effective Zero Trust architecture and how continuous visibility can help you identify, segment and enforce compliance using Zero Trust principles. It also addresses foundational capabilities Forrester Research requires to designate solutions as a Zero Trust platform.
|
By Forescout
With a staggering majority of devices - expected to reach more than 75 billion by 2025 - connected to vast networks and the internet, reducing cyber risk becomes a critical focal point for the age of IoT.
|
By Forescout
The drive to increase productivity and reduce costs in manufacturing environments has led to an exponential increase in the adoption of automation on plant floors, also known as Industry 4.0. If your organization has integrated its computation, networking and physical processes, this whitepaper will explain how deploying network monitoring technology will bring tremendous value to both your IT and OT teams.
|
By Forescout
The diverse and complex nature of IIoT and OT security use cases can make the technology selection difficult, and unfortunately, copying IT security practices and technology will not result in a secure OT environment. To achieve lasting success with OT cybersecurity investments, managers must ask prescriptive questions during the technology procurement process. In this eBook, we discuss the seven questions recommended by Gartner for SRM leaders to ask during their OT security technology selection and how Forescout answers them.
- April 2026 (4)
- March 2026 (3)
- February 2026 (3)
- January 2026 (1)
- December 2025 (3)
- November 2025 (1)
- October 2025 (3)
- September 2025 (1)
- August 2025 (7)
- June 2025 (2)
- April 2025 (3)
- March 2025 (1)
- January 2025 (1)
- October 2024 (5)
- September 2024 (1)
- August 2024 (5)
- July 2024 (7)
- June 2024 (4)
- May 2024 (9)
- April 2024 (5)
- March 2024 (5)
- February 2024 (4)
- January 2024 (4)
- December 2023 (2)
- November 2023 (2)
- October 2023 (2)
- September 2023 (6)
- August 2023 (2)
- July 2023 (3)
- June 2023 (5)
- May 2023 (4)
- April 2023 (2)
- March 2023 (6)
- February 2023 (2)
- January 2023 (2)
- December 2022 (5)
- November 2022 (4)
- October 2022 (10)
- September 2022 (7)
- August 2022 (5)
- July 2022 (1)
- June 2022 (8)
- May 2022 (4)
- April 2022 (9)
- March 2022 (2)
- February 2022 (5)
- December 2021 (14)
- November 2021 (6)
- October 2021 (4)
- September 2021 (2)
- May 2021 (2)
- April 2021 (1)
- February 2021 (2)
- January 2021 (1)
- December 2020 (2)
- November 2020 (4)
With so many agentless devices being deployed every day, it’s never been harder to protect your network from threats. Forescout delivers actionable information so you can see the devices on your network and take action to prevent them from compromising your enterprise.
Forescout Technologies, Inc. actively defends the Enterprise of Things by identifying, segmenting and enforcing compliance of every connected thing. Fortune 1000 companies trust Forescout as it provides the most widely deployed, enterprise-class platform at scale across IT, IoT, and OT managed and unmanaged devices.
Forescout arms customers with more device intelligence than any other company in the world, allowing organizations across every industry to accurately classify risk, detect anomalies and quickly remediate cyberthreats without disruption of critical business assets. Don’t just see it. Secure it.
See Every Device. Defend Your Entire Network.