With Basic Auth’s demise looming, federal agencies and private organizations alike should accelerate the adoption of Modern Auth, CISA says. [Read More]
MITRE has published the 2022 CWE top 25 most dangerous software weaknesses, based on an analysis of 38,000 CVEs from the previous two years. [Read More]
Normalyze closes a $22 million funding round as venture capitalists rush to place bets on the newly coined Data Security Posture Management (DSPM) space. [Read More]
Google expands Cloud Armor features with adaptive protection, bot defense, new edge security policies, rate limiting, and support for proxy load balancers. [Read More]
A Chinese threat actor has been conducting influence campaigns targeting rare earth mining companies in Australia, Canada, and the United States. [Read More]
Cloud security firm Wiz has announced the launch of an open database whose goal is to catalog vulnerabilities and other security issues affecting cloud services. [Read More]
As automation continues to evolve, a new approach to accelerate detection and response is emerging based on data and business logic to automatically trigger simple actions that can be standalone or be chained together.
As IoT adoption increases within healthcare, healthcare organizations and device manufacturers will need to prioritize the security of connected medical devices to keep patient data private and ensure the safety of the patient.
In addition to helping security teams recruit and retain the talent they need, employee wellness brings other benefits. Here are five ways in which wellness is good for security:
There are seven immediate steps you can take to put your organization on the path toward better situational awareness and risk reduction to protect critical infrastructure.
Most organizations want to adopt DevSecOps practices, but their current practices are closer to traditional waterfall methodologies than the agile practices described in this DevSecOps manifesto.
Linux is becoming a more popular target for attackers as it operates the back-end systems of many networks and container-based solutions for IoT devices and mission-critical applications.