framework
Lack of adequate investments hinders identity security efforts
Organizations are still grappling with identity-related incidents, with an alarming 90% reporting one in the last 12 months, a 6% increase from last year, according to The …
Why organizations should adopt a cloud cybersecurity framework
The cloud is the future of enterprise architecture. It’s economical (to a degree), it’s scalable, it’s flexible and – best of all – it’s someone else’s …
Preparing for federal supply chain security standardization
In 2021, the Biden Administration published the Executive Order on Improving the Nation’s Cybersecurity (EO 14028), setting off an agency-wide security initiative with the …
Tython: Open-source Security as Code framework and SDK
Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must …
OSC&R open software supply chain attack framework now on GitHub
OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the …
How healthcare CISOs can automate cloud security controls
Cloud environments provide many benefits, primarily involving their ease of scalability and resilience. Those qualities exist because of automation and the easy and …
ML practitioners push for mandatory AI Bill of Rights
The AI Bill of Rights, bias, and operational challenges amid tightening budgets are pressing issues affecting the adoption of ML as well as project and initiative success, …
Dissect: Open-source framework for collecting, analyzing forensic data
A game changer in cyber incident response, the Dissect framework enables data acquisition on thousands of systems within hours, regardless of the nature and size of the IT …
How Just-in-Time privilege elevation prevents data breaches and lateral movement
Are inadequate security policies for privileged access making you highly vulnerable to security breaches and ransomware attacks? In the weeks that followed the high-profile …
Zero-trust-washing: Why zero trust architecture is the framework to follow
Have we got to the point where the term “zero trust” is being misused or misrepresented by some vendors as they look to capitalize on its momentum in the market? It is a …
How to protect air-gapped networks from malicious frameworks
ESET researchers present their analysis of all malicious frameworks used to attack air-gapped networks known to date. An air-gapped network is one that is physically isolated …
MITRE D3FEND: Enabling cybersecurity pros to tailor defenses against specific cyber threats
D3FEND, a framework for cybersecurity professionals to tailor defenses against specific cyber threats is now available through MITRE. NSA funded MITRE’s research for D3FEND to …
Featured news
Resources
Don't miss
- Acronis CISO on why backup strategies fail and how to make them resilient
- Ransomware attackers are “vishing” organizations via Microsoft Teams
- Scam Yourself attacks: How social engineering is evolving
- Addressing the intersection of cyber and physical security threats
- Fleet: Open-source platform for IT and security teams