Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

indusface

Prevent API Exploitation: Know the Unknown, Protect the Unprotected

Sep 1, 2022 By Indusface In Indusface

Almost a year ago, Gartner predicted that API attacks would be the most frequent enterprise attack vector in 2022. Strengthening API security is more critical today than ever and must be at the core of cybersecurity strategy to prevent API exploitation. To make matters worse, the lack of API visibility weakens core security principles. More organizations don’t have an accurate inventory of APIs, and it is not surprising for 30% of APIs to be unknown.

Read Post
device authority

Managing your IoT Device Security: A Guide to Best Practice in 2022

Sep 1, 2022 By Louise José In Device Authority

The explosive growth of the Internet of Things (IoT) is changing the way we live, with over 27 billion connected devices by 2020, it’s no wonder that businesses are looking to IoT solutions to improve efficiency and drive innovation. However, with this increased connectivity comes a variety of new security threats that need to be addressed. In this article, we will discuss best practice guidelines for managing your IoT security.

Read Post
trustcloud

MeBeBot Trust Champions Achieve SOC 2 Compliance

Sep 1, 2022 By Mimi Pham In TrustCloud

What is a Trust Champion? A Trust Champion is the person who helps their organization measure and meet their internal compliance obligations. Their actions support revenue-generating activities, protect their organization from legal and contractual liabilities, and enable the organization to confidently and transparently showcase an intentional, robust, and differentiated culture of trust. Beth White – Founder & CEO – has been greatly involved with MeBeBot’s compliance procedure.

Read Post
Featured Post
ThreatQuotient

Overcoming the Barriers to Automating Your Cybersecurity

Aug 31, 2022 By Yann Le Borgne. International VP of Threat Intelligence Engineering In ThreatQuotient
"Automation" has become a buzzword in cybersecurity circles. That is not surprising in an environment where security specialists are in short supply and under intense pressure to defend the business against a huge variety of threats from innumerable different sources. Using technology to do at least some of the work seems like a no-brainer. Nevertheless, it seems that organisations are finding it hard to get the right approach to cybersecurity automation.
Read Post
redscan

Top 5 penetration testing methodologies

Aug 31, 2022 By Mark Nicholls In Redscan
Penetration testing plays a key role in identifying and addressing vulnerabilities by simulating the behaviour of a potential attacker. A range of penetration testing methodologies have been developed to enable security professionals to achieve this safely and effectively. In this blog post, we discuss the leading pen testing methodologies, what they involve and the aspects they cover.
Read Post
appknox

What is Cheaper? Open-Source vs. Commercialized Mobile App Security Testing Tools

Aug 31, 2022 By Harshit Agarwal In Appknox

When choosing automated mobile app security testing tools, mobile app development companies have two options: open-source and commercialized tools. But which one should you go for? Or, to be more precise, which one’s cheaper? If you have these questions on your mind, you’ve come to the right place. This blog explicitly differentiates open-source mobile app security testing tools from commercialized ones based on different factors, including cost.

Read Post
alienvault

How does robust cybersecurity add value to a business?

Aug 31, 2022 By Devin Partida In AT&T Cybersecurity

A company’s IT infrastructure and data are some of its most valuable assets today. Consequently, protecting them is an increasingly critical goal to stave off worst-case scenarios and preserve a business’s value. By the same token, robust cybersecurity can make a company more valuable. Many organizations understand the importance of cybersecurity as a defense but may overlook its role as an asset.

Read Post

SANS 2022 Report Moving to a State of Zero Trust

Aug 31, 2022 By Corelight In Corelight
In this webcast, SANS certified instructor Matt Bromiley will explore the concept of zero trust and what it means to security teams and your overall security posture. As a concept, zero trust is relatively straightforward: Trust no one until verified, inside or outside the network. However, this is often easier said than done, especially for systems built on legacy authentication models. Matt will also examine what a zero trust implementation looks like, how this can stop adversaries dead in their tracks, and what your organization can do to begin moving toward a state of zero trust.
View Video
cyberint

China-Taiwan Threat Intelligence Landscape

Aug 31, 2022 By Cyberint Research Team In Cyberint
Over the past couple of months, the tension between China and Taiwan has increased dramatically. The well-known conflict between both countries began in 1949 when Taiwan became a self-governing state, while Beijing still considers the island part of its territory. Beijing has promised to “unify” Taiwan with the rest of the mainland, using force if necessary.
Read Post
Trustwave

Squiz Matrix CMS Authenticated Privilege Escalation through IDOR

Aug 31, 2022 By Trustwave In Trustwave

During a recent engagement, Trustwave SpiderLabs discovered an Indirect Object Reference (IDOR) vulnerability within Squiz Matrix CMS which would allow any low privileged user to change the contact details of any other user on a Squiz Matrix instance (including administrators). An attacker exploiting the vulnerability could change an administrator’s email address to an attacker-controlled email address after which the attacker could reset the administrator’s password.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.