Please turn on your JavaScript for this page to function normally.
complex
Purpose-based access control: Putting data access requests into context

Access control is the heart of data protection. Striking the right balance between easy access and tight security isn’t easy, but getting it right is how you maintain business …

patch
October 2022 Patch Tuesday forecast: Looking for treats, not more tricks

We’ve entered the final quarter of 2022 with a favorite holiday for many – Halloween, at the end of the month. Unfortunately, Microsoft has continued to play a few tricks on …

USA
What $1B in cybersecurity funding can mean for US state, local governments

How do you best spend a cybersecurity budget you have long been hoping you’d get? That’s the question state, local, and territorial (SLT) governments are starting to ask …

People
Unearth offboarding risks before your employees say goodbye

Saying goodbye is never easy. That’s especially true when it comes to employee offboarding – but not due to sentimentality. In our increasingly digital workplace, …

lock
API authentication failures demonstrate the need for zero trust

The use of application programming interfaces (APIs) has exploded as businesses deploy mobile apps, containers, serverless computing, microservices, and expand their cloud …

open source security
When transparency is also obscurity: The conundrum that is open-source security

Open-source software (OSS) has a lot of advocates. After all, why would we continuously try and write code that solves problems that others have already solved? Why not share …

password
Is mandatory password expiration helping or hurting your password security?

For decades cybersecurity professionals held tight to the idea that passwords needed to be changed on a regular basis. In recent years, however, organizations such as NIST and …

malware
Detecting fileless malware infections is becoming easier

For some analysts, memory analysis is only an optional step in cybersecurity investigations. Their reasons are simple. One: Handling memory and volatile data is a complex …

bomb
The holy trifecta for developing a secure API

It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …

Active Directory
3 types of attack paths in Microsoft Active Directory environments

A common question we are asked by clients after deploying is, “Are attack paths in Active Directory this bad for everyone?” The answer is usually “Yes,” which doesn’t make …

money
Making a business case for security in a world of tightening budgets

With talk of a possible recession approaching (if one isn’t already upon us), many businesses are already applying a higher level of scrutiny to spending—even for …

architecture
3 ways to gauge your company’s preparedness to recover from data loss

Use these three questions to assess your company’s preparedness to retrieve lost data. 1. Do you have backups of your data? This fundamental question is the basis of …

Don't miss

Cybersecurity news