Expert analysis

Use longitudinal learning to reduce risky user behavior
People ignore information that isn’t relevant to them, which is why IT and HR departments have been approaching security training incorrectly for years. Long-form, all-hands …

Risk-based vulnerability management has produced demonstrable results
Several years ago, risk-based cybersecurity was a largely untested and hotly debated topic. But the tests have since been administered and the debate largely settled: …

Shedding light on the threat posed by shadow admins
Few organizations would purposefully hand a huge responsibility to a junior staff member before letting them fly solo on their own personal projects, but that’s effectively …

APIs in the insurance industry: Accessing a growing world of data
The insurance industry is vast and varied. It can be found in nearly every country in the world, with the earliest references dating back as early as 1750 BC. Modern …

What is threat modeling and why should you care?
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system …

MythBusters: What pentesting is (and what it is not)
You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …

The next big thing in cloud computing? Shh… It’s confidential
The business-driven explosion of demand for cloud-based services has made the need to provide highly secure cloud computing more urgent. Many businesses that work with …

Managing and maturing Kubernetes security in the enterprise
The TL;DR version of the Infoworld article went something like this: “Companies are shying away from managing their own Kubernetes clusters and more and more, turning to …

Attackers can teach you to defend your organization against phishing
People click on links and attachments and will, unfortunately, keep clicking even if they should know better. They’ll click for the chance of winning a holiday, or even …

Avoid these CSPM mistakes to increase your cloud security posture
Are you utilizing your cloud services to their fullest? In other words, do you have a comprehensive picture of what’s in your cloud, who put it there, and whether or not it’s …

Connected medical devices brought security loopholes mainstream
The increasing demand for self-health management, coupled with the digitalization of the modern healthcare ecosystem, translates into a medical connected devices market that …

Push past zero trust barriers to securely connect the distributed workforce
If the past year has taught us anything, it’s that trusting a device simply because it originates from inside a corporate network is not a good idea. If an endpoint is …
Featured news
Resources
Don't miss
- Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
- The Zoom attack you didn’t see coming
- Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
- The UK’s phone theft crisis is a wake-up call for digital security
- Securing digital products under the Cyber Resilience Act