The Team at Torq is pushing the boundaries of what’s possible in security automation, and we’re excited to share several new capabilities designed to make security analysts’ lives easier and more efficient.

The Security of Critical Infrastructure (SOCI) Act in Australia mandates that organizations operating within critical infrastructure sectors implement robust cybersecurity measures to protect against an increasingly diverse and sophisticated range of cyber threats. These sectors, which include energy, water, communications, healthcare, transport, and other essential services, are vital to national security, public safety, and economic stability.

In April this year, the CISA Secure By Design initiative turned one. The initiative calls for the public and private sectors to work together to challenge and encourage software manufacturing companies to adopt principles to ensure their software is developed and produced as securely as possible. The initiative tracks seven goals that software manufacturers can pledge to develop and transparently track progress towards those goals.

This month, the Vanta team launched new features to help you: ‍

In the ever-evolving field of information security, curiosity and continuous learning drive innovation. This blog series is tailored for those deeply engaged in experimental projects, leveraging Rust's capabilities to push the boundaries of what's possible. The focus on Rust, after exploring various programming languages, has led to the creation of several cutting-edge projects that are highlighted in this report.

On July 19, 2024, CrowdStrike released configuration updates for its Windows sensor, aiming to enhance security and performance. Unfortunately, this update inadvertently led to widespread downtime, manifesting as Blue Screen of Death (BSOD) on millions of machines worldwide. The BSOD, a critical system error screen, halts all operations, rendering affected systems inoperable until resolved.

We’ve talked a lot on this blog about protecting controlled unclassified information, and we’ve mentioned in places some other kinds of information, like classified and secret information, covered defense information, and other protected information. There’s one thing all of this information has in common: it’s generated by the United States government.

Welcome back to the next blog in our Evolution of Scalping series. During our last blog we covered the landmark case that exposed the power of automated purchasing – Wiseguy Tickets. We detailed their operation and their use of bots, which allowed them to snatch up huge volumes of available tickets for high-demand events.