General Security News

The Ultimate SaaS Security Posture Management (SSPM) Checklist

14 October 2021 at 16:20
Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously assess security risk and manage the SaaS applications’ security posture. With enterprises having 1,000 or more employees relying on dozens to hundreds of apps, the need for deep visibility and remediation for SaaS security

Is Your Data Safe? Check Out Some Cybersecurity Master Classes

18 October 2021 at 06:30
Since cybersecurity is definitely an issue that’s here to stay, I’ve just checked out the recently released first episodes of Cato Networks Cybersecurity Master Class Series. According to Cato, the series aims to teach and demonstrate cybersecurity tools and best practices; provide research and real-world case studies on cybersecurity; and bring the voices and opinions of top cybersecurity

Why Database Patching Best Practice Just Doesn't Work and How to Fix It

18 October 2021 at 16:00
Patching really, really matters – patching is what keeps technology solutions from becoming like big blocks of Swiss cheese, with endless security vulnerabilities punching hole after hole into critical solutions. But anyone who's spent any amount of time maintaining systems will know that patching is often easier said than done. Yes, in some instances, you can just run a command line to install

OWASP's 2021 List Shuffle: A New Battle Plan and Primary Foe

20 October 2021 at 08:16
Code injection attacks, the infamous king of vulnerabilities, have lost the top spot to broken access control as the worst of the worst, and developers need to take notice. In this increasingly chaotic world, there have always been a few constants that people could reliably count on: The sun will rise in the morning and set again at night, Mario will always be cooler than Sonic the Hedgehog, and

Product Overview: Cynet SaaS Security Posture Management (SSPM)

21 October 2021 at 13:07
Software-as-a-service (SaaS) applications have gone from novelty to business necessity in a few short years, and their positive impact on organizations is clear. It’s safe to say that most industries today run on SaaS applications, which is undoubtedly positive, but it does introduce some critical new challenges to organizations. As SaaS application use expands, as well as the number of

Before and After a Pen Test: Steps to Get Through It

21 October 2021 at 17:52
An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can also help validate remedial

Hardware-grade enterprise authentication without hardware: new SIM security solution for IAM

25 October 2021 at 13:04
The average cost of a data breach, according to the latest research by IBM, now stands at USD 4.24 million, the highest reported. The leading cause? Compromised credentials, often caused by human error. Although these findings continue to show an upward trend in the wrong direction, the challenge itself is not new. What is new is the unprecedented and accelerated complexity of securing the

[eBook] The Guide to Centralized Log Management for Lean IT Security Teams

27 October 2021 at 13:03
One of the side effects of today’s cyber security landscape is the overwhelming volume of data security teams must aggregate and parse. Lean security teams don’t have it any easier, and the problem is compounded if they must do it manually. Data and log management are essential for organizations to gain real-time transparency and visibility into security events. XDR provider Cynet has offered

A Guide to Shift Away from Legacy Authentication Protocols in Microsoft 365

28 October 2021 at 13:15
Microsoft 365 (M365), formerly called Office 365 (O365), is Microsoft's cloud strategy flagship product with major changes ahead, such as the deprecation of their legacy authentication protocols. Often stored on or saved to the device, Basic Authentication protocols rely on sending usernames and passwords with every request, increasing the risk of attackers capturing users' credentials,

Winter is Coming for CentOS 8

29 October 2021 at 11:00
Winter is Coming for CentOS 8—but here is how you can enjoy your holidays after all. The server environment is complex and if you're managing thousands of Linux servers, the last thing you want is for an operating system vendor to do something completely unexpected. That is exactly what Red Hat, the parent company of the CentOS Project, did when it suddenly announced a curtailment of support for

Securing SaaS Apps — CASB vs. SSPM

1 November 2021 at 11:50
There is often confusion between Cloud Access Security Brokers (CASB) and SaaS Security Posture Management (SSPM) solutions, as both are designed to address security issues within SaaS applications. CASBs protect sensitive data by implementing multiple security policy enforcements to safeguard critical data. For identifying and classifying sensitive information, like Personally Identifiable

Product Overview - Cynet Centralized Log Management

3 November 2021 at 15:12
For most organizations today, the logs produced by their security tools and environments provide a mixed bag. On the one hand, they can be a trove of valuable data on security breaches, vulnerabilities, attack patterns, and general security insights. On the other, organizations don’t have the right means to manage the massive scale of logs and data produced to derive any value from it. Log

Our journey to API security at Raiffeisen Bank International

4 November 2021 at 12:01
This article was written by Peter Gerdenitsch, Group CISO at Raiffeisen Bank International, and is based on a presentation given during Imvision's Executive Education Program, a series of events focused on how enterprises are taking charge of the API security lifecycle. Launching the "Security in Agile" program Headquartered in Vienna, Raiffeisen Bank International (RBI) operates across 14

Types of Penetration Testing

8 November 2021 at 13:29
If you are thinking about performing a penetration test on your organization, you might be interested in learning about the different types of tests available. With that knowledge, you'll be better equipped to define the scope for your project, hire the right expert and, ultimately, achieve your security objectives. What is penetration testing? Penetration testing, commonly referred to as "pen

Unique Challenges to Cyber-Security in Healthcare and How to Address Them

9 November 2021 at 13:05
No business is out of danger of cyberattacks today. However, specific industries are particularly at risk and a favorite of attackers. For years, the healthcare industry has taken the brunt of ransomware attacks, data breaches, and other cyberattacks. Why is the healthcare industry particularly at risk for a cyberattack? What are the unique challenges to cybersecurity in healthcare, and how can

Navigating The Threat Landscape 2021 – From Ransomware to Botnets

11 November 2021 at 09:30
Though we are recovering from the worst pandemic, cyber threats have shown no sign of downshifting, and cybercriminals are still not short of malicious and advanced ways to achieve their goals. The Global Threat Landscape Report indicates a drastic rise in sophisticated cyberattacks targeting digital infrastructures, organizations, and individuals in 2021. Threats can take different forms with

How to Tackle SaaS Security Misconfigurations

15 November 2021 at 09:53
Whether it's Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the business and its data. The job of ensuring these apps' security settings are properly configured falls on the security team. The challenge lies within how burdensome this responsibility is — each app has tens or hundreds of security settings to configure, in

On-Demand Webinar: Into the Cryptoverse

17 November 2021 at 10:48
In the span of a few years, cryptocurrencies have gone from laughingstock and novelty to a serious financial instrument, and a major sector in high-tech. The price of Bitcoin and Ethereum has gone from single dollars to thousands, and they’re increasingly in the mainstream. This is undoubtedly a positive development, as it opens new avenues for finance, transactions, tech developments, and more

How to Build a Security Awareness Training Program that Yields Measurable Results

18 November 2021 at 12:43
Organizations have been worrying about cyber security since the advent of the technological age. Today, digital transformation coupled with the rise of remote work has made the need for security awareness all the more critical. Cyber security professionals are continuously thinking about how to prevent cyber security breaches from happening, with employees and contractors often proving to be the