UpGuard

5 Step Guide: How to Perform a Cyber Risk Analysis in 2021

No organization is impervious to cyberattacks. But what separates resilient businesses from data breach victims is superior risk management. Resilience is achieved through the meticulous calculation of all potential risks and the application of necessary control measures to mitigate them. In this post, we present a 4-step framework for a reliable risk management plan.

Security Posture of the ASX 200 // Webinar

Are Australian businesses prepared for cyberattacks? We assess the security posture of the ASX 200. In our latest research, we assessed the scale of cyber risk in Australia by examining the ASX 200, the index of the top 200 public companies in Australia by market capitalization. Join Greg Pollock, VP Cyber Research, and Josh Kiff, VP Sales, as we explore the eye-opening findings.

What is SAML? Definition + How it Works

SAML (Security Assertion Markup Language) is an open standard that enables users to access numerous web applications or web services using the same login credentials through identity federation. SAML relies upon two parties - an identity provider (IDP) and a service provider (SP). The IDP provides authentication information about the user to the SP. The SP uses this information to provide authorization to the user.

What is Vendor Tiering? Boost Your Vendor Risk Management

Vendor tiering is a method of classifying vendors based on the level of security risk they introduce to an organization. The level of security criticality decreases with each subsequent level. The number of tiering levels depends on personal preference. The basic vendor tiering structure consists of three levels - Tier 1, Tier 2, Tier 3, where Tier 1 represents high-risk vendors. Each vendor could be assigned to a tier manually, or the process could be based on a security questionnaire scoring system.

What is a Botnet? You Might Be Infected Right Now

A botnet is a network of malware-infected devices used to launch coordinated attacks against either a single target, as in a DDoS attack, or multiple targets, as in email phishing attacks. All infected machines in a botnet are remotely controlled by a single cyber attacker who could be located anywhere in the world.

What is Privilege Escalation?

Privilege escalation is the exploitation of a programming error, vulnerability, design flaw, configuration oversight or access control in an operating system or application to gain unauthorized access to resources that are usually restricted from the application or user. This results in the application or user having more privileges than intended by the developer or system administrator, allowing attackers to gain access to sensitive data, install malware and launch other cyber attacks.

What is ISO/IEC 27001? A Clear and Concise Explanation for 2021

ISO/IEC 27001 is the leading international standard for regulating data security through a code of practice for information security management. Its creation was a joint effort of two prominent international standards bodies - the International Organization for Standardization (ISO), and the International Electrotechnical Commission (IEC). This is why the standard is formally prefixed with ISO/IEC, though "IEC" is commonly left out to simplify referencing.