Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Starting a security program can be challenging for some organizations, especially running a mature program across a large business. Resourcing, lack of organization, and not having a clear remediation strategy are key aspects to the failure of some programs, which can all result in severe breaches of businesses. I’ll walk through seven steps that will help ensure your program is a success and also give a quick overview of how Outpost24’s Managed Services can support your efforts.

Credential management means securely managing user credentials to control access to important systems and data. With growing cyber threats, it has become essential for protecting sensitive information and meeting compliance standards. In this article, we’ll explore what credential management is, why it matters, and the best practices and tools to enhance your security.

In an era where password breaches have become all too common, Multi-Factor Authentication (MFA) has emerged as a critical layer of security. MFA provides an authentication method that requires users to present multiple forms of identification before gaining access to systems, which is considered a more robust defence against cyber attacks. However, as cyber criminals evolve tactics, MFA is no longer impervious to threats, particularly phishing attacks that exploit vulnerabilities.

In September 2024, SE Labs tested Acronis Extended Detection and Response (XDR) against targeted attacks based on APT29 and Scattered Spider. The test was done in parallel with SE Labs’ Q3 2024 comparative EDR test. Both tests were done using the same methodology and targeted attacks from APT29 and Scattered Spider, but the comparative test added DPRK (Democratic People’s Republic of Korea) ransomware to the evaluation.

Ever wondered how to keep your business safe from the ever-growing wave of cyber threats? Let’s understand what Endpoint Detection and Response (EDR) is and how it can be a trusted ally in protecting your business online.

Trustwave SpiderLabs is continuing its multi-year research effort delving into the unique cybersecurity challenges that face different vertical sectors with a new report launching on January 22. This effort analyzes the energy and utilities sector, industries which are increasingly targeted due to their critical role in supporting national and global infrastructures. Ransomware takes center stage in these reports, with Trustwave SpiderLabs reporting an 80% year-over-year surge in such attacks.

Identities, computers and groups all need access to resources. But only enough to fulfill a role, and only for as long as they need it. AD Admins, IT leaders, VPs and CISOs recognize this as a foundational part of Zero Trust least privilege models – and as one of the biggest challenges for enterprises. That’s because using native tools for privilege management is complex.

We are excited to announce a significant Salt Security API Protection Platform upgrade. We have recently introduced a new detection feature targeting a prevalent yet often neglected vulnerability: open redirect attacks. This issue is so severe that it is highlighted in the OWASP Top 10 API Security Risks!

On January 14, 2025, the CERT Coordination Center (CERT/CC) published a security advisory detailing multiple vulnerabilities impacting Rsync. The most severe vulnerability is CVE-2024-12084, a critical severity heap buffer overflow vulnerability in the Rsync daemon which can lead to out-of-bounds writes in the buffer.

Identity-based attacks are surging across today’s threat landscape as adversaries target identities in on-premises, cloud and SaaS applications. They aren’t breaking in — they’re logging in. Organizations must respond to these threats in real time to stop breaches, but traditional security approaches consisting of siloed tools often create visibility gaps and hinder efficiency.