Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

CrowdStrike Earns AAA Award, 100% Total Accuracy Score in SE Labs Q3 Enterprise Advanced Security Test

The CrowdStrike Falcon platform started 2024 being recognized as SE Labs’ Best Endpoint Detection and Response 2024 award for the third consecutive year. Adversaries never stop and neither do we — CrowdStrike Falcon is the only platform that provides a unified view of stealthy threats across multiple domains exploited in attack paths.

LLMs - The what, why and how

LLMs are based on neural network architectures, with transformers being the dominant framework. Introduced in 2017, transformers use mechanisms called attention mechanisms to understand the relationships between words or tokens in text, making them highly effective at understanding and generating coherent language. Practical Example: GPT (Generative Pre-trained Transformer) models like GPT-4 are structured with billions of parameters that determine how the model processes and generates language.

Cybersecurity Consultants: How They Safeguard Your Business Operations

In the digital world of today, there are more and more cyber risks that can hurt their operations, customers' trust, and bottom line. Cyberattacks are changing quickly. Ransomware, hacking, and data breaches are just a few examples of how they hurt businesses financially and publicly. Recent studies show that hacking will cost the world an estimated $10.5 trillion every year by 2025. This shows how important it is to have strong security measures right away.

10 Best API Security Testing Companies To Consider in 2025

Every single day, billions of API calls happen across the internet. Behind your favorite applications, APIs work quietly to move data and connect systems. But with the growing use of APIs, API attacks didn’t just increase – they exploded. Take the Optus breach in September 2022, in which attackers exploited an unprotected API endpoint and accessed the personal data of up to 9.8 million customers, leading to a $10 million fine.

API Security: A Technical Guide

In the rapidly changing field of software development, application programming interfaces (APIs) are very powerful tools. They allow different applications to communicate, share data, and collaborate seamlessly, constituting approximately 71% of all web traffic. However, as APIs become more essential to our applications, they also attract cyber threats. In fact, 57% of organizations reported experiencing at least one API-related data breach in the past two years.

Enhancing Corporate Governance in the Digital Age: Integrating Cybersecurity into ESG Stewardship

In an era where digital resilience is vital to corporate health, cybersecurity is a critical governance issue. The partnership between Bitsight and Glass Lewis underscores this reality by providing companies with a forward-thinking approach to assessing cybersecurity as part of Environmental, Social, and Governance (ESG) considerations.

The Aftermath of the Kaspersky Ban

In the spring of 2024, amid growing international concern about supply chain risk and the trust and reliability of technology suppliers, the United States banned Kaspersky Lab, Inc., the Russia-based antivirus company from providing its products to the US market. The ban went into effect on September 30, 2024. What impact has the ban had on US and global usage of Kaspersky? Has it been effective? A new analysis from Bitsight contains some surprising results.

Managing NERC CIP Patching Process With Tripwire Enterprise and Tripwire State Analyzer

One of the hardest parts of managing an organization’s cybersecurity is patch management. Just as one patch cycle is completed, another set of patches are released. When compounded with the highly regulated energy industry, governed by the NERC CIP Standards, the task becomes even more daunting. Fortunately, Fortra’s Tripwire Enterprise (TE) and Tripwire State Analyzer (TSA) can ease the process.

CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular reviews are useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack. CIS Control 8 emphasizes the need for centralized collection and storage and standardization to better coordinate audit log reviews.

Leading security frameworks for CSPM

Cloud Security Posture Management (CSPM) has become essential for monitoring cloud infrastructure, identifying risks, and enforcing security policies. As cloud adoption grows, managing the complexity of these environments—where misconfigurations and vulnerabilities can lead to breaches—requires a robust approach. This is where security frameworks come into the picture. Security frameworks offer structured guidelines and best practices for managing and improving security posture.