Iranian state-sponsored hacking group Charming Kitten has been named as the group responsible for a new wave of attacks targeting critical infrastructure in the United States and elsewhere.
When you’re trying to choose the right application security solution, navigating the options on the market can be bewildering. At Mend.io, we know that software developers and DevOps professionals use multiple tools to identify security issues in different stages of the software delivery life cycle and different code types. And we’re dedicated to making every aspect of AppSec as seamless as possible, which includes making your solution selection as easy as it can be.
Many enterprises in verticals such as power and energy, oil and gas, healthcare, and manufacturing have been playing catch up over the past decade in terms of securing their operational technology (OT) networks against cyberattacks. For years, industrial asset owners didn’t consider their OT environment to be a significant security risk.
Read our guide to learn more about the key issues to be aware of and how The OWASP Top Ten could help to reduce the risk of web application attacks.
With the first full day of RSAC 2023 in the books, we wanted to publish a running diary of some of the key takeaways and themes that we are hearing on the show floor and at the various sessions we’re attending.
This is the fourth blog in the series focused on PCI DSS, written by an AT&T Cybersecurity consultant. See the first blog relating to IAM and PCI DSS here. See the second blog on PCI DSS reporting details to ensure when contracting quarterly CDE tests here. The third blog on network and data flow diagrams for PCI DSS compliance is here.
As a security manager, you have a wide variety of tasks you need to complete in order to protect your organization — as well as your employee and customer data. Of course, some of these responsibilities are performed on a quarterly or yearly basis, such as gathering information for audits or conducting annual assessments. But there are certain tasks that you should be completing daily in order to maintain the desired security posture and reduce cyber risk across your expanding attack surface.
Greetings, digital guardians. Today, we’ll be diving into the wonderful world of External Attack Surface Management (EASM) platforms. As the sun rises on another day in your cyber kingdom, you may find yourself wondering whether your EASM platform is really up to the task of protecting it. In this article, we’ll be your guiding light in the dark alleys of EASM uncertainty.
