Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Chrome and Mozilla announced that they will stop trusting Entrust’s public TLS certificates issued after November 12, 2024 and December 1, 2024, respectively. This decision stems from concerns related to Entrust’s ability to meet the CA/Browser Forum’s requirements for a publicly trusted certificate authority (CA).

Penetration testing, dynamic application security testing (DAST), and attack surface management (ASM) are all strategies designed to manage an organization’s digital attack surface. However, while each aids in identifying and closing vulnerabilities, they have significant differences and play complementary roles within a corporate cybersecurity strategy. Let’s take a quick look at the definition of each of these strategies.

In a groundbreaking move, some of the world’s largest telecom operators—América Móvil, AT&T, Bharti Airtel, Deutsche Telekom, Orange, Reliance Jio, Singtel, Telefonica, Telstra, T-Mobile, Verizon, and Vodafone—are partnering with Ericsson to launch a new venture aimed at transforming how network Application Programming Interfaces (APIs) are accessed and used.

Cybersecurity Maturity Model Certification (CMMC) is a critical framework for protecting sensitive information within the defense industrial base (DIB). With the transition to CMMC 2.0, organizations that do business with the Department of Defense (DoD) must ensure they meet evolving cybersecurity standards.

Interactive, hands-on keyboard attack campaigns are employed by today’s most proficient threat actors to penetrate organizational defenses. The network perimeter is typically the initial line of defense against unauthorized access to an organization’s network and the sensitive data it contains. After infiltration, attackers establish command-and-control (C&C) and data exfiltration channels to receive malicious payloads and export stolen data.

Today, we are excited to announce a significant milestone in our journey to secure enterprise copilots and low-code development platforms by launching our new product; the Zenity AI Trust Layer. This new offering provides full security and governance control for enterprise copilots, and in the first step is focused on Microsoft 365 Copilot. The use of enterprise copilots is undeniably a story in low-code application development.

In their capacity as a regulator, the Portuguese National Cybersecurity Centre (CNCS) is at the forefront of adapting to NIS2 requirements and ensuring that entities under their purview are compliant. They provide strategic oversight and support for organisations navigating the complexities of the new directive, which introduces stricter standards for risk management, incident response, and supply chain security.

As cyber threats continue to be more sophisticated, the need for active directory security becomes paramount. Most Windows-based environments are heavily reliant on the AD configuration hence it’s a common target for intruders. This article outlines essential practices for AD hardening to protect your organization’s assets.

Thousands of our customers are leveraging Snyk to implement their DevSecOps and shift-left strategies. However, with the increasing speed and complexity of applications, we also know it’s harder to stay in sync with development. It is increasingly difficult to maintain a clear view of all the software assets being developed, identify ownership and their importance to the business, and, most importantly, ensure that these assets are properly secured by Snyk.

We are thrilled to announce that Rubrik has been ranked highest for the ransomware protection, detection, and recovery use case in the 2024 Gartner Critical Capabilities for Enterprise Backup and Recovery Software Solutions1. This recognition underscores our unwavering commitment to innovation that empowers customers with robust cyber resilience solutions in an increasingly complex digital landscape.