Extending security to fourth parties your business needs, but doesn’t control
While there is much discussion about the data security and privacy risks created by third parties, another source of risk can be significant but overlooked: that from fourth …
AI vs. AI: Cybersecurity battle royale
David and Goliath. The Invasion of Normandy. No matter the generation, we all know some of the storied battles that have withstood the test of time. In cyberspace, however, …
A compendium of container escapes
In this Help Net Security podcast recorded at Black Hat USA 2019, Brandon Edwards, Chief Scientist at Capsule8, talks about about a compendium of container escapes, and the …
Optimizing the patch management process
In this podcast recorded at Black Hat USA 2019, Jimmy Graham, Senior Director of Product Management at Qualys, discusses the importance of a tailored patch management process. …
Protecting your organization against privileged identity theft
What do the top data breaches of the 21st century have in common? Privileged identity abuse. In these breach instances, well-resourced, external actors were able to gain the …
SOC-as-a-Service promises threat protection in a world of scarce resources
Despite more than a few decades’ worth of technological advancement and millions of dollars’ worth of research, cyber threats continue to flourish. The situation has been …
Make sure you keep an eye on your APIs
Application programming interfaces have always been important gateways to our applications, but in recent years, they’ve silently become both more prevalent and more central …
Pitfalls to avoid when improving your software development skills
The dizzying pace of technological change makes knowledge acquisition and skill development a very big deal in the IT and IT security industry. Luckily, the opportunities for …
Embracing the cloud and meeting its security demands
If you want to build a career in information security, there’s no shortage of diverse roles you can aim for. Whether you’ll end up doing that or something else …
Prevent lateral attacks inside the data center with a defense-in-depth hardware layer
IT departments tend to be concerned primarily with cybersecurity attacks that originate from outside the enterprise, known as a “north-south” attacks. This often leaves them …
Security orchestration and automation checklist: How to choose the right vendor
Faced up against the well-chronicled global skills shortage, the ceaseless bombardment of security alerts and the hodgepodge of security tools unable to communicate with each …
DNS security is no longer optional
Several high-profile DNS security incidents have made headlines recently, a reminder that this integral part of the internet must not be taken for granted. Unlike enterprise …