Security Boulevard, Friday, November 22nd, 2024
Is Cyber Threat Intelligence Worthless?
I was recently asked 'What do intelligence reports do? They appear worthless!'
more →
Back Issues This Week → Popular →
All issues › Archive
Security — Archive
2,322 articles · page 23 of 47
Security Boulevard, Friday, November 22nd, 2024
Identity Security: What Next?
Identity Security is a topic we have tracked and discussed on numerous occasions at The Cyber Hut over the past 12 months.
more → Security Boulevard, Friday, November 22nd, 2024
How To Choose The Best Security Operations Platform: Key Considerations & Tips
Selecting the right cybersecurity operations platform is critical for effective threat detection, response, and mitigation. With numerous platforms available, it's essential to choose one that aligns with your organization's specific needs and goals. This guide covers key factors to help you make a confident, well-informed decision.
more → Security Boulevard, Friday, November 22nd, 2024
CISA: Over Half Of Top Routinely Exploited Vulnerabilities In 2023 Affected Network Devices And Infrastructure
Over half of the most routinely exploited vulnerabilities worldwide in 2023 affected network devices and infrastructure, according to a cybersecurity advisory issued by CISA and other international cybersecurity agencies in November, 2024.
more → Security Boulevard, Thursday, November 21st, 2024
The Crucial Influence Of Human Factors In Security Breaches
Set the scene: It's that time of the month for your organization's town hall, and you've decided to attend this one in the office to catch up with some co-workers. You arrive early and join a group at the water cooler.
more → tripwire, Wednesday, November 20th, 2024
Essential Security Best Practices For Remote Work
As we continue to embrace remote work, it's crucial to keep our security practices sharp to protect both company and personal data.
more →
Search Security, Wednesday, November 20th, 2024
4 Types Of Access Control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission.
more →
Security Boulevard, Wednesday, November 20th, 2024
Disorder In The Court: Unintended Consequences Of Account Takeover (ATO)
The most common ATO threat that individuals and businesses imagine affecting them is their accounts getting hijacked- e.g. a threat actor uses credential stuffing to login to your netflix account, and enjoys some free entertainment on your dime (or sells the account for a few dollars).or in a more serious scenario, accesses an employee's corporate email to send phishing emails to other employees and gain access to the internal network to install ransomware.
more → Security Boulevard, Wednesday, November 20th, 2024
CISOs Look To Establish Additional Leadership Roles
As cybersecurity challenges grow in complexity, chief information security officers (CISOs) are exploring new leadership roles to bolster their teams.
more → Security Boulevard, Wednesday, November 20th, 2024
8 Security Risks Of Shared Email Accounts
Shared email accounts are those that are accessed and used by multiple people, typically within the same family or organization.
more → Security Boulevard, Tuesday, November 19th, 2024
Cybersecurity Is Everyone's Responsibility
In today's interconnected world, cybersecurity is not just an IT concern - it is everyone's responsibility.
more → techradar.pro, Monday, November 18th, 2024
The Risks And Rewards Of Penetration Testing
When you purchase through links on our site, we may earn an affiliate commission. Here's how it works.
more →
IT Security Guru, Monday, November 18th, 2024
The Stealthy Success Of Passkeys
It's interesting to note that many people will happily unlock their phone by just looking at it and have no problem tapping their bank card against a store's point of sale terminal, but if the term password security is presented to them, they have a blank expression, or worse, shrink away. Why are some technologies so readily accepted while others seem to be a tough sell?
more →
DARKReading, Monday, November 18th, 2024
Why The Demand For Cybersecurity Innovation Is Surging
Companies that recognize current market opportunities - from the need to safely implement revolutionary technology like AI to the vast proliferation of cyber threats - have remarkable growth prospects.
more →
Security Boulevard, Monday, November 18th, 2024
Strengthening Security And Elevating User Experiences: Introducing Arkose Device Id In An Evolving Threat Landscape
In today's increasingly digital and interconnected world, traditional security measures - once deemed foolproof - are now being exploited by sophisticated cybercriminals.
more → Security Boulevard, Monday, November 18th, 2024
Cloud Pentesting 101: What To Expect From A Cloud Penetration Test
You've moved a ton of your business to the cloud - storage, applications, the whole nine yards. Cloud computing offers flexibility, scalability, and a bunch of other benefits.
more → Security Boulevard, Thursday, November 14th, 2024
Why Open-Source Customer Identity And Access Management (CIAM) Solutions Are Essential For Data Security And Privacy
Businesses are increasingly reliant on Customer Identity and Access Management (CIAM) solutions to handle user authentication, authorization, and identity management. As cyber threats escalate and data breaches become more prevalent, ensuring the security and privacy of customer data has never been more critical.
more → Security Boulevard, Thursday, November 14th, 2024
Is SOAR (Security Orchestration, Automation, And Response) Obsolete?
You may have heard that SOAR is dead. Vendors have become afraid of the term, repositioning their security automation products with different labels. But are the people claiming SOAR's demise making substantial arguments, or are they simply trying to promote their own products by putting SOAR down?
more → Security Boulevard, Thursday, November 14th, 2024
How To Defend Non-Human Identities From Infostealers
Infostealers are getting bolder - and more ambitious. Long focused on stealing human credentials - like usernames, passwords, cookies, session tokens, and autofill information - infostealers have expanded to target non-human identities.
more → Security Boulevard, Thursday, November 14th, 2024
A Beginner's Guide to PCI DSS 4.0: Requirements 5-9
Data breaches reached a record high in the US last year, impacting over 350 million individuals. According to one estimate, financial services firms suffered the second highest total of breaches in 2023: 744.
more → techradar.pro, Wednesday, November 13th, 2024
How To Choose The Perfect Password Manager For You
This could be the most important digital tool you can have
more → Security Boulevard, Wednesday, November 13th, 2024
Your Guide To Bad Bots Management
Bad bots can take down your website, steal customer data, break your APIs, and worse. They can cost your business millions in lost revenue and damage your brand's reputation. Despite this, most businesses don't properly protect themselves against bad bot).
more → Security Boulevard, Wednesday, November 13th, 2024
To Pay Or Not To Pay: The Ransomware Dilemma
In the majority of cases, the determination of whether or not to pay a ransom is a business decision, and this blog is intended solely to help decision-makers navigate that decision-making process in a structured manner based on our experiences, engagements, and discussions with senior decision-makers in the wake of a ransomware incident.
more → Security Boulevard, Wednesday, November 13th, 2024
The Role Of Threat Intelligence In Preventing Ransomware
The ransomware threat landscape remains a persistently nefarious one. The threat stays consistent despite the fact that the actors carrying out these attacks are often in flux. Dedicated ransomware gangs emerge and disband regularly.
more → Security Boulevard, Wednesday, November 13th, 2024
Platformengineering.com: Strengthening Security In The Software Development Lifecycle
The Techstrong Group is thrilled to announce the launch of PlatformEngineering.com, a new platform dedicated to advancing the platform engineering discipline.
more → Security Boulevard, Wednesday, November 13th, 2024
Mend.io Is A Strong Performer In The Forrester Wave Software Composition Analysis, Q4 2024
It should be no surprise that the world runs on open source software. According to the latest Forrester Wave Software Composition Analysis Q4 2024 report an 'astonishing 77% of codebases are comprised of open-source software.'
more → Security Boulevard, Wednesday, November 13th, 2024
Major Cyber Attacks And Data Breaches Of 2024
As 2024 draws to a close, the cybersecurity landscape continues to evolve, marked by both familiar adversaries and emerging threats with newer technologies and improved tactics. Rather than merely cataloguing breaches, we look into the anatomy of significant cyber attacks, associated vulnerabilities that led to such events, and relevant controls.
more → Search Security, Tuesday, November 12th, 2024
Top 10 Identity And Access Management Risks
Organizational security is undermined by a number of identity and access management problems. Learn what those risks are and get ideas on how to solve them.
more → CSO Online, Tuesday, November 12th, 2024
13 Essential Enterprise Security Tools - And 10 Nice-To-Haves
Do you have the right tools to handle a changing threat landscape, tougher regulatory climate, and increasing IT infrastructure complexity? Here are the must-have security tools for meeting today's challenges.
more →
Security Intelligence, Tuesday, November 12th, 2024
6 Principles Of Operational Technology Cybersecurity Released By Joint NSA Initiative
Today's critical infrastructure organizations rely on operational technology (OT) to help control and manage the systems and processes required to keep critical services to the public running. However, due to the highly integrated nature of OT deployments, cybersecurity has become a primary concern.
more →
Security Boulevard, Tuesday, November 12th, 2024
Transforming Security: How Static Application Security Testing (SAST) Enhances Your Secure Code Review Process?
Secure coding has become a critical aspect of software development, and the need for effective security testing is at an all-time high. Vulnerabilities in code can expose applications to serious threats, making early detection vital for maintaining security and performance.
more → Security Boulevard, Tuesday, November 12th, 2024
Top Mobile Security Risks Of 2024 By OWASP
As technology gains popularity, it often attracts more vulnerabilities and becomes a target for cyberattacks. The OWASP Mobile Top 10 is a valuable resource for security researchers and mobile app developers, offering essential data for identifying, evaluating, and addressing security risks specific to mobile applications.
more → Security Boulevard, Tuesday, November 12th, 2024
Protecting Critical Infrastructure: A Collaborative Approach to Security for ICS, OT, and IIoT
In an era where cyber threats to critical infrastructure are growing in both sophistication and frequency, securing Operational Technology (OT), Industrial Control Systems (ICS), and the Industrial Internet of Things (IIoT) is more critical than ever.
more → CSO Online, Monday, November 11th, 2024
7 Reasons Security Breach Sources Remain Unknown
Many security leaders remain clueless about the cause of recent security incidents their organizations have experienced, calling into question how much can be learned.
more → ComputerWeekly, Monday, November 11th, 2024
IAM: Enterprises Face A Long, Hard Road To Improve
Poor identity and access management puts enterprise data at risk, but the path to stronger IAM remains complex
more →
Security Boulevard, Monday, November 11th, 2024
What Is Risk Assessment In Network Security?
A risk assessment in network security systematically identifies, evaluates, and prioritizes potential threats to your infrastructure. By understanding these risks, you can implement tailored security measures that protect sensitive data, ensure compliance with regulations, and minimize the impact of cyber threats.
more → Security Boulevard, Monday, November 11th, 2024
The Top 9 Cyber Risk Management Trends In 2025
The evolution of the cyber risk management landscape is constant, and with each passing year, market players find themselves in the position of having to readjust their strategies, whether in brand positioning, cybersecurity, or beyond, to account for these consequent changes.
more → Security Boulevard, Monday, November 11th, 2024
NIST Updated Standards for a Secure Password
Your internet account passwords are probably among the most guarded pieces of information you retain in your brain. With everything that has recently migrated to the digital realm, a secure password functions as the deadbolt to your private data.
more → SearchSecurity, Thursday, November 7th, 2024
How To Create An Enterprise Cloud Security Budget
As companies migrate more sensitive data and resources into the cloud, it's important to deploy relevant security tools and processes, while staying within budget.
more → Security Boulevard, Thursday, November 7th, 2024
Unpacking API Security from Development to Runtime: Key Insights for Cybersecurity Pros
In today's fast-paced digital ecosystem, APIs are the lifeblood connecting an ever-growing universe of applications and systems, driving efficiency and agility for modern organizations.
more → Security Boulevard, Thursday, November 7th, 2024
Shifting Left for Proactive IT Security and ITSM
As organizations prioritize IT security and efficiency, the concept of 'shifting left' has gained momentum across both security and service management.
more → Security Boulevard, Thursday, November 7th, 2024
A Beginner's Guide to PCI DSS 4.0: Requirements 1-4
Valid card data is highly sought-after on the cybercrime underground. In fact, it's helping to drive a global epidemic in payment fraud predicted to reach $40bn by 2026.
more → Security Boulevard, Wednesday, November 6th, 2024
Sensitive Data Discovery For Enterprises: Turning Data Chaos Into Compliance
In today's data-driven landscape, sensitive information-like PII (Personally Identifiable Information), PHI (Protected Health Information), and PCI (Payment Card Information)-sprawls across enterprise systems.
more → Security Boulevard, Wednesday, November 6th, 2024
Leveraging Tabletop Exercises To Enhance OT Security Maturity
Has your organization tested its OT security incident response plan in the last 6 months? Do you remember when you last checked your institutional OT security awareness levels? Are your OT security programs running in compliance with IEC 62443?
more → Security Boulevard, Wednesday, November 6th, 2024
Beyond Secrets Managers: 5 Alternatives For Securing Non-Human Identities
Secrets managers have long been a reliable solution for safeguarding sensitive credentials like API keys, certificates, and tokens.
more → ITProToday, Tuesday, November 5th, 2024
Cybersecurity Developments & Priorities: November 2024
We round up the top cybersecurity trends and action items for IT and cybersecurity professionals.
more →
Security Boulevard, Tuesday, November 5th, 2024
The Ultimate Cybersecurity Checklist For Protecting Your Business
From startups to global enterprises, every organization is a potential cyberattack target in today's interconnected business environment
more → Security Boulevard, Tuesday, November 5th, 2024
The Future Of Identity Protection: Real-Time Threats And Scams
In today's digital landscape, protecting your identity from real-time threats is more critical than ever. As a cybersecurity expert, I've seen an evolving spectrum of threats that go far beyond traditional identity theft.
more → Security Boulevard, Tuesday, November 5th, 2024
Recovering From A Breach: 4 Steps Every Organization Should Take
Many of the conversations around cybersecurity revolve around prevention. From how to stave off attacks or implement best practices to safeguard from data breaches, there's no shortage of information out there.
more → Security Boulevard, Tuesday, November 5th, 2024
How Penetration Testing as a Service (PTaaS) Supports Shift-Left Security Practices?
Security and development teams often face a tough challenge: delivering a secure, quality product quickly without bogging down the pipeline. Security testing is traditionally squeezed in late, sometimes even right before release, making vulnerabilities harder and costlier to resolve.
more →