Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Top tips: Four ways organizations can reduce their attack surface

Top tips is a weekly column where we highlight what’s trending in the tech world today and list ways to explore these trends. This week, we’re looking at four ways you can minimize your attack surface. Organizational IT infrastructure is now more spread out, multi-layered, and complex than ever.

The importance of continuous attack surface management in cyber security

In today’s interconnected world, cyber threats continue to evolve at a rapid pace. As businesses grow more reliant on digital systems and services, the cyber security attack surface—the totality of an organisation’s digital exposure—has expanded, increasing the risks faced by security teams. The complex nature of these threats calls for a more adaptive and responsive approach to security, particularly in identifying and mitigating vulnerabilities before they can be exploited.

BDRSuite v7 1 0 Deep Dive Enhancing Your Data Protection & Recovery Plan

This is the exclusive webinar on BDRSuite v7.1.0 by Vembu! In this in-depth session, we explore the latest features and enhancements that make data protection simpler and more powerful for IT environments, including virtual machines, servers, cloud, and endpoints. Key highlights of BDRSuite v7.1.0 include: a) Agentless backup and recovery for Proxmox VE and oVirt b) Remote backup capabilities for VMware and Hyper-V virtual machines c) Simplified Bare-Metal Recovery processes d) Chat & Conversation Backup for Microsoft 365 Teams.

Directory Traversal Cheat Sheet for 2024 [PDF Download]

If you give attackers an inch, they will take a mile. That’s essentially what happens when there are minor flaws in your web applications – these flaws leave one inch of your system’s doors open. Before you know it, sophisticated threats like directory traversal come crawling. Currently, there are 55 different directory traversal vulnerabilities in CISA’s Known Exploited Vulnerabilities (KEV) catalog.

Industry Analysts Call Trustwave Security Colony a Vital Tool for Enhanced Cybersecurity

Security Colony may not have the name recognition of some of Trustwave’s other security products and services, but when experts discuss and measure Trustwave's strengths, this repository of knowledge is almost inevitably brought up in the conversation. For example, over the last several years, the industry analyst firms IDC, Frost & Sullivan, and ISG have all called out Security Colony as a primary reason why each selected Trustwave for various accolades.

Tricentis Tosca Secrets Manager Integration with CyberArk Software

- In this video, we explore the integration between Tricentis Tosca and CyberArk, demonstrating how to securely store and manage sensitive data, such as passwords and multi-factor authentication (MFA) keys, directly in CyberArk. Learn how to seamlessly access this data in your test cases and configurations when needed. This integration ensures enhanced security for your test automation by centralizing sensitive data management within CyberArk. Be sure to subscribe for more tutorials on test automation and security best practices!

Automating Security Workflows with DAST Essentials

In today's digital landscape, developers face mounting pressure to deliver secure applications within tight deadlines. But with faster release cycles, it becomes challenging to prioritize security. Security testing needs to work and scale within your DevOps speed and release frequency. Web applications are highly targeted assets, accounting for 40% of breaches within organizations, according to the Verizon Data Breach Investigations Report.

Empowering Developers in AppSec: Scaling and Metrics

This is the second instalment of a two-part blog post. The blogs are based on one of our “AppSec Talk” YouTube videos, featuring Kondukto Security Advisor Ben Strozykowski and Rami McCarthy, a seasoned security engineer with experience at Figma and Cedar Cares. In that video, Ben and Rami delved into the critical role developers play in the security program and the application security lifecycle.