7 DevSecOps myths and how to overcome them
DevOps and security teams have long been at odds with each other over the software delivery pipeline. DevOps teams have historically viewed security teams as the “release …
How the blurring of the “supply chain” opens your doors to attackers—and how you can close them
There have been more than 200 dedicated supply chain attacks over the past decade. Some of these campaigns have affected countless supplier networks and millions of customers …
Board members and the C-suite need secure communication tools
Board members and the C-suite are key targets for cyber-threat actors, due to their access to highly sensitive information. Yet too many of them are putting their …
Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
According to Volexity, a webshell was discovered in Atlassian Confluence server during an incident response investigation. Volexity determined that it was a zero-day …
How financial institutions are improving customer experience with fraud prevention measures
Fraud is a persistent threat, and there’s no end in sight as the e-commerce landscape continues to evolve and the use of online payment platforms increases. According to one …
Zero trust adoption: Industry-specific challenges and implementation strategies
Organizations across many industries are in the throes of a journey to implement the zero trust security model to increase their cybersecurity posture. Through my experience …
Mind the gap: How to ensure your vulnerability detection methods are up to scratch
With global cyber crime costs expected to surge, it comes as little surprise that the risk of attack is companies’ biggest concern globally. To help businesses uncover and fix …
Once is never enough: The need for continuous penetration testing
If you Google “How often should I do penetration testing?”, the first answer that pops up is “once a year.” Indeed, even industry-leading standards like PCI-DSS dictate that …
SaaS security: How to avoid “death by 1000 apps”
SaaS applications have become synonymous with modern business environments, and CISOs and security teams struggle to find a happy medium between ensuring the security of their …
API security warrants its own specific solution
Application programming interfaces (APIs) enable developers to quickly and easily roll-out services but they’re also equally attractive to attackers. This is because they can …
Getting to grips with SaaS security
The SaaS market is expanding at a rapid rate. In August last year, Gartner forecast that worldwide spending on SaaS would rise from $120.6 billion in 2020 to $170.9 billion …
Recovery and resilience: CISO insights into the 2022 cybersecurity landscape
I recently had the opportunity to meet and speak with several luminaries of the global security ecosystem: Roger Hale – Chief Security Officer at Agora; Sounil Yu …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints