%term

Why We Collect ~70B Security Issues/Week

Jun 22, 2022 By SecurityScorecard In SecurityScorecard

At SecurityScorecard, we're collecting close to 70 billion security issues per week. Here's how: Worldwide data collection Our goal is to non-intrusively pick up enough data signals from every company worldwide to form an opinion on their cyber hygiene and vulnerability. Malware Sinkholing Working with law enforcement, our R&D team is Our security analysts are looking at the underground criminal communication for poor patching cadence and hygiene indicators.

View Video

SecurityScorecard

Read more about Why We Collect ~70B Security Issues/Week

What you need to know about PCI 4.0: Requirements 5, 6, 7, 8 and 9

Jun 22, 2022 By David Bruce In Tripwire

In Part 1 of this series, we reviewed the first four sections of the new PCI standards. As we continue our examination of PCI DSS version 4.0, we will consider what organizations will need to do in order to successfully transition and satisfy this update.

Read Post

Tripwire

Read more about What you need to know about PCI 4.0: Requirements 5, 6, 7, 8 and 9

Staying Connected with Cloud Exchange: Netskope Cloud Threat Exchange & Digital Shadows Plugin

Jun 22, 2022 By Sean Salomon In Netskope

Many technology professionals have experienced the sense of frustration that occurs when multiple tools in their environment do not play nicely with each other. When technology leaders are making decisions about bringing new tools into their environment, they should be thinking about more than whether the platform is just a shiny new object that adds a new capability to their team.

Read Post

Netskope

Read more about Staying Connected with Cloud Exchange: Netskope Cloud Threat Exchange & Digital Shadows Plugin

Why to harden PowerShell and not remove it completely

Jun 22, 2022 By John Gates In CalCom

The National Security Agency (NSA) and partner cybersecurity authorities recently released an information sheet recommending proper configuration and monitoring of PowerShell, as opposed to removing or disabling PowerShell entirely. PowerShell is a built-in scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks.

Read Post

CalCom

Read more about Why to harden PowerShell and not remove it completely

Stranger Danger: Your Java Attack Surface Just Got Bigger

Jun 22, 2022 By Snyk In Snyk

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

View Video

Snyk

Read more about Stranger Danger: Your Java Attack Surface Just Got Bigger

Get Smarter Network Security Policy Automation

Jun 22, 2022 By AlgoSec In AlgoSec

In this video, AlgoSec co-founder and CTO, Prof. Avishai Wool explores the challenges of balancing security with business agility and how they can be offset with smarter network security policy automation.

View Video

AlgoSec

Read more about Get Smarter Network Security Policy Automation

12 Common Pitfalls in EDRM implementation

Jun 22, 2022 By Secude In SECUDE

The need for rapid business transformation has never been greater. Every industry is adopting digital transformation at a rapid speed. But this rapid transformation has also increased the number of data loads and applications, and cyber-attacks have become common. It has become imperative for organizations to ensure their prevention, detection, and alerting capabilities are functional. Data security approaches are fundamental to digital transformation to make sure that data protection is not breached.

Read Post

SECUDE

Read more about 12 Common Pitfalls in EDRM implementation

SLSA: A Novel Framework For Secure Software Supply Chains

Jun 22, 2022 By Niclas Gustafsson In Bytesafe

The software supply chain indicates the formal workflow of how your software moves through the coding stages done by the developers to the final packages for the end-users. When an attacker breaks in between the process and modifies the source code with malicious ones, it is known as an attack on the software supply chain. Software supply chain attacks are challenging to discover and mitigate if you do not have the proper verification and trail-tracking system, especially for large industries.

Read Post