Risk Management

ServiceNow Vulnerabilities: CVE-2024-4789 and CVE-2024-5217

In late July 2024, the US Cybersecurity and Infrastructure Security Agency (CISA) added two critical vulnerabilities (CVE-2024-4789 and CVE-2024-5217) affecting ServiceNow to its list of known exploited vulnerabilities. These vulnerabilities can allow unauthenticated users to execute code remotely, posing severe risks to organizations that use the platform. The potential for unauthorized access and severe data breaches makes addressing these vulnerabilities crucial.

More than a security alert: A guide to nudges

As American poet Nikki Giovanni wisely observed, "Mistakes are a fact of life. It is the response to error that counts." This rings particularly true in the world of cyber security. Even the most vigilant individuals can make mistakes—after all, we’re only human. What truly matters is how we respond. Imagine a platform that automatically detects risky security behaviours, alerting employees and nudging them to fix their mistakes before they escalate.

A look into Web Application Security

In today's digital age, web applications are the backbone of many businesses, supporting and managing a vast array of sensitive information, from personal details and financial records to critical business data. When we think about any company that we want to know more about, the most common question is: “What is their website?” But web applications are not just traditional websites; they encompass far more than the pages you go to when browsing the Internet.

What is SIEM in cyber security? Definition & Meaning.

Security Information and Event Management (SIEM) is a critical tool in modern cybersecurity, combining Security Information Management (SIM) and Security Event Management (SEM) to provide real-time monitoring, threat detection and incident response. Obrela’s SIEM solutions collect and analyse security data from various sources to provide a comprehensive view of the security landscape.

What is Vendor Risk Monitoring in Cybersecurity?

Vendor risk monitoring is the process of continuously identifying, assessing, and managing security risks associated with third-party vendors. This effort is crucial to a successful Vendor Risk Management program as it ensures an organization’s third-party risk exposures remain within acceptable levels throughout each vendor's lifecycle.

Top 8 Vendor Risk Monitoring Solutions in 2024

The effectiveness of your entire Vendor Risk Management program is contingent on your vendor risk monitoring capabilities. Insufficient vendor security monitoring that fails to detect cyber risks during onboarding or any new cybersecurity risks throughout the vendor lifecycle will inevitably emerge later on as a major breach risk. To help you choose a vendor risk monitoring solution that will maximize your VRM investment, this post ranks the top eight vendor monitoring platforms on the market in 2024.

Measuring Risk with One Yardstick: Lessons Learned on the Road to RBVM

How should we measure risk? Zebra Technologies has more than a dozen cybersecurity tools, thirty-five teams, and hundreds of people worldwide managing vulnerabilities. They wanted to measure with one yardstick: a single, risk-based solution that could be customized to meet business criteria.

Software supply chain risk assessment: 8 steps to a secure SDLC

Like any chain, a software supply chain contains many links. These links consist of every actor involved in the development & deployment of your code in the Software Development Life Cycle (SDLC). An actor can be the developers, infrastructure components, and even repositories like GitHub. A company might have a very secure supply chain. However, it will only be as strong as its weakest link.

The Downloadable Risk Assessment Template for Cybersecurity [XLS]

Every day, new headlines emerge about another major corporation falling victim to a cyberattack, leaving businesses everywhere questioning their vulnerabilities. These breaches underscore the critical need for thorough risk assessments to identify and mitigate potential weaknesses. Proactively managing risks enables organizations to better defend against the relentless wave of cyber threats.

Beyond Patches and CVEs: The New Dynamics of Enterprise Technology and Vulnerability Management

The enterprise technology landscape has changed significantly, driven by the rapid adoption of cloud technologies, evolving IT infrastructures, and evolving exploitation activities. This transformation requires that organizations take an updated approach to vulnerability management—one that goes beyond the traditional focus on patch management to encompass a broader spectrum of risks.