Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Do We Need Yet Another Vulnerability Scoring System? For SSVC, That's a YASS

The security world is awash in acronyms. As a niche in the security world, vulnerability, tracking, measurement, and management is no stranger to inscrutable collections of capital letters. We’ve got NVD, CPE, CWE, CVSS, EPSS, CAPEC, KEV, and of course “CVE”. The key goal of all these frameworks is to try to help folks organize information around vulnerabilities and assess how their presence might increase an organization's exposure.

Unparalleled Visibility and Threat Detection for SSE Environments

As organizations embrace digital transformation, security teams face growing challenges in maintaining visibility across diverse on-prem, cloud, and hybrid environments. With the rapid adoption of Secure Access Service Edge (SASE) and Security Service Edge (SSE) solutions, maintaining comprehensive visibility becomes even more critical.

The Veracode Customer Advantage: 184% ROI Realized

Are you getting the results you want from your application security (AppSec) program? Discovering the return on investment (ROI) is a great start, but how should you go about calculating that? That’s where our recently commissioned Total Economic Impact (TEI) study conducted by Forrester Consulting comes in. We’re thrilled and deeply grateful to share these customer stories with you.

From Risk to Reward: How 20% Revenue Growth Was Achieved Through Strategic Security

If you're a security professional like me, you're not used to your function being seen as a revenue driver for your business; you’re used to being seen as a cost center. But what if you could demonstrate that security acts as a catalyst for innovation, even leading to 20% revenue increase? Here's how a strategic security investment was not only able to help protect a business from potential threats, but also create a foundation for sustainable growth.

SecurePortal Release 2.8 - Welcome to Role-Based Access Control

Over the past few months, our development team at SecurePortal has diligently worked on a major upgrade to our access control system. In this significant update, we have revolutionised how organisations can manage and restrict access within the portal. By empowering organisations with permissions to regulate and customise visibility for specific groups, we offer the flexibility to create new groups, duplicate existing ones for customisations, and seamlessly assign users to these tailored groups.

CVE-2024-29847: Ivanti Addresses Maximum Severity RCE Vulnerability in Endpoint Manager

On September 10, 2024, Ivanti released fixes for CVE-2024-29847, a maximum severity vulnerability in Ivanti Endpoint Manager (EPM). This flaw, found in the agent portal of specific EPM versions, allows Remote Code Execution (RCE) by an unauthenticated attacker due to improper deserialization of untrusted data.

Demystifying Data Protection in the Cloud: Runtime vs. At Rest

In the dynamic landscape of data security, navigating the complexities of modern architectures requires a sophisticated approach. The exponential growth of data and the proliferation of cloud services require advanced security strategies that can adapt to rapidly changing conditions. Traditional methods of data protection, while foundational, often fall short in addressing the needs of today’s fast-paced cloud environments.

Protect Every Identity with CyberArk's Intelligent Privilege Controls | CyberArk

In today's world, more employees than ever—across IT, workforce users, developers, and even machine identities—require access to sensitive data, increasing the risk of identity-based cyberattacks. With over 90% of organizations falling victim to such attacks, securing every identity is critical. Enter CyberArk's Intelligent Privilege Controls. These dynamic security measures adapt in real-time to protect high-risk access, ensuring the right users access the right information at the right time.