security controls
Five proven techniques for building effective fraud management
Effective management of fraud has long been a vital capability within organizations, and for good reasons. According to the Association of Certified Fraud Examiners’ …
Combating vulnerability fatigue with automated security validation
Security operations teams have been dealing with “alert fatigue” for far too long. The introduction of log monitoring (e.g., SIEM), firewall, and AV technologies over two …
Application security approaches broken by rising adoption of cloud-native architectures
The rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security, a survey of 700 CISOs by Coleman …
Label standard and best practices for Kubernetes security
This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to …
Cybersecurity control failures listed as top emerging risk
Cybersecurity control failures was listed as the top emerging risk in 1Q21 in a global poll of 165 senior executives across function and geography, according to Gartner. …
The SOC is blind to the attackable surface
A security operations center (SOC) is the central nervous system of any advanced cybersecurity program. Yet even the most well-funded, highly organized and properly equipped …
Financial institutions can strengthen cybersecurity with SWIFT’s CSCF v2021
The Society for Worldwide Interbank Financial Telecommunications (SWIFT) has introduced an updated set of baseline customer security controls that all of its users must …
Internet security is improving, but exposures still run rampant
Rapid7’s research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, …
Windows 10 users get protection against PUAs
Windows 10 users who upgrade to v2004 will finally be able to switch on a longstanding Windows Defender feature that protects users against potentially unwanted applications …
Most attacks successfully infiltrate production environments without detection
While organizations continue to invest significant budget dollars in security controls and assume that this means assets are fully protected, the reality is that a majority of …
Security and risk compliance: Still the most important part of IT strategy
Security practice is the number one priority for IT teams, with a clear majority (59%) reporting deficiencies in the controls, that should ensure data processing and storage …
macOS Catalina: Security and privacy improvements
Apple has released macOS Catalina (v10.15), a new major release of its desktop operating system, which comes with many functional and security and privacy improvements. The …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility