April 3, 2024 at 01:02PM Security teams often misconstrue tool acquisition as program management. It is crucial for them to prioritize understanding the meaning and objectives of their security program, rather than solely focusing on purchasing tools. Based on the meeting notes, the key takeaway is that security teams should prioritize understanding what a security … Read more
January 5, 2024 at 10:06AM In 1931, Alfred Korzybski emphasized the limitations of models, likening them to maps that cannot fully represent reality. Red-team assessments often fail to test enough attack variants to accurately gauge defense strength, leaving defenders uncertain about their security posture. To address this, organizations can explore alternatives like Atomic Testing and … Read more
November 8, 2023 at 04:21AM This article discusses the importance of securing SaaS applications, which make up 70% of a company’s software usage. Safeguarding the organization’s SaaS app stack and data is crucial, but implementing an effective SaaS security program is complex due to various potential attack vectors and dynamic app environments. A webinar with … Read more
October 19, 2023 at 05:09PM SailPoint Technologies, in collaboration with Accenture, released the findings from their annual research report, ‘The Horizons of Identity Security.’ The report revealed that 44% of companies are still in the early stages of their identity security journeys, and only 70% of identities in mature companies are covered by foundational governance … Read more