Firms skip security reviews of major app updates about half the time

July 18, 2024 at 03:36AM
According to a CrowdStrike report, only 54 percent of cyber security workers review major software updates. The process is time-consuming and costly, with an average annual expenditure of nearly $1.2 million for code reviews. Security managers face challenges such as misaligned tools and prioritizing issues. Strengthening application security is critical …

Open-Source Tool Looks for Signals in Noisy AWS Cloud Logs

April 18, 2024 at 08:35AM
Researcher Daniel Bohannon discusses the challenges of dealing with extensive logging in Amazon Web Services, which creates a large volume of events that make it difficult to identify user actions. He plans to launch an open-source tool at Black Hat Asia to help consolidate the cloud log events, with future …

The New CISO: Rethinking the Role

March 19, 2024 at 10:02AM
The evolving cybersecurity landscape is reshaping the responsibilities of CISOs. To adapt, they must meticulously create and document security protocols. Based on the meeting notes, it’s clear that the evolving cybersecurity landscape is impacting the role of the Chief Information Security Officer (CISO). The emphasis was put on the need …

Human vs. Non-Human Identity in SaaS

March 7, 2024 at 06:27AM
In today’s SaaS environment, security efforts primarily focus on human users, using tools like MFA and RBAC. However, non-human access from apps and integrations poses a security challenge. Managing non-human accounts varies across apps and SaaS platforms, requiring specific security measures and continuous monitoring to detect anomalies and prevent unauthorized …

How to Find and Fix Risky Sharing in Google Drive

March 6, 2024 at 05:15AM
Material Security has launched Data Protection for Google Drive, enabling Google Workspace administrators to efficiently safeguard sensitive information and manage sharing permissions. With a powerful data platform, Material Security offers advanced scanning, access control, and automated remediation to address security risks without hindering productivity. Schedule a personal demo to see …

Hikvision Patches High-Severity Vulnerability in Security Management System

March 4, 2024 at 08:48AM
Hikvision has released patches for two vulnerabilities in its security management system HikCentral Professional. The more serious flaw, CVE-2024-25063, could lead to unauthorized access to specific URLs. The second bug, CVE-2024-25064, requires authentication to be exploited. Hikvision urges customers to apply the patches promptly, as prior vulnerabilities have been exploited. …

The CISO Role Undergoes a Major Evolution

January 25, 2024 at 10:03AM
The role of the Chief Information Security Officer (CISO) is evolving, with increased accountability and personal legal responsibility. Cybersecurity industry leaders need to understand the implications of recent cases, ensure high-integrity organizations, anticipate changing accountability rules, and be constantly vigilant. Proactive involvement and collaboration are vital for the CISO’s success …

API Security: The Big Picture

December 18, 2023 at 06:26PM
APIs have become crucial for businesses to stay competitive and meet market demands by enhancing customer proximity and accelerating application development. Consequently, API security has emerged as a top priority. When evaluating API security solutions, it’s essential to look for features such as multi-environment capability, simplified management and deployment, uniform …