November 7, 2023 at 03:52PM The latest version of the Common Vulnerability Scoring System (CVSS version 4.0) allows organizations to assess and manage the risk posed by security bugs more effectively. It introduces new metrics that enable a dynamic and context-sensitive evaluation of vulnerabilities. CVSS 4.0 provides a more tailored risk management approach and allows … Read more
November 2, 2023 at 05:30AM Wing Security has launched “Essential SSPM,” a SaaS Security Posture Management tool, offering SaaS discovery, risk assessment, and user access review in a freemium model. The tool aims to simplify the process of securing SaaS usage and aligns with regulatory security standards such as ISO 27001 and SOC. It allows … Read more
October 27, 2023 at 04:56PM Securing cloud identities is crucial as organizations migrate data to the cloud. Compromised identities can lead to unauthorized access to sensitive information. To prevent attacks, visibility into the cloud’s identity infrastructure is necessary. Examples of high-profile attacks demonstrate the importance of this. Implementing an applied risk approach, conducting comprehensive audits, … Read more
October 26, 2023 at 12:21PM The US cybersecurity agency CISA and the Department of Health and Human Services (HHS) have released a cybersecurity toolkit for healthcare and public health organizations. The toolkit provides guidance on cyber hygiene, threat landscape, best practices, and offers risk assessment tools and recommended resources. It also suggests accessing grants and … Read more
October 23, 2023 at 02:09PM The growth of AI productivity tools like ChatGPT has made AI accessible to all employees, but it poses challenges for IT and security teams. Nudge Security helps organizations understand and manage the risks associated with AI tools by discovering and inventorying the tools employees are using, accelerating security reviews, detecting … Read more
October 20, 2023 at 10:44AM In the field of cybersecurity, organizations tend to focus on new and flashy technologies, but they often overlook the importance of mastering the basics. One fundamental aspect is handling exceptions to security policies and procedures. Attackers take advantage of exceptions to infiltrate organizations, so it is crucial to have a … Read more