Software supply chain security fears escalated with the discovery of "deliberate sabotage" of code in the open-source npm package manager ecosystem. [Read More]
NIST has released the final version of a special publication focusing on offering information and guidance to manufacturers for protecting ICS environments. [Read More]
Threat hunters at Symantec share notes on Daxin, “the most advanced piece of malware Symantec researchers have seen used by a China-linked actor.” [Read More]
ENISA and CERT-EU have released guidance to help CISOs and other decision makers in public and private organizations increase their cyber resilience. [Read More]
The healthcare industry will need advanced security measures to identify and mitigate flaws in new apps carrying the world’s most sensitive, regulated information.
Organizations should regularly put security products, processes and people to the test, and the reward is better, more efficient protection against attacks.
Choosing which vendor to partner with can be exceptionally difficult for MSSPs due to the oversaturation and complexity of the threat intelligence market.
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
There are many pitfalls, and some simple rules that can help you make smarter decisions if you are in looking to purchase security products seen at RSA Conference.
Evaluating a threat intelligence vendor’s collection strategy effectively is a complex process that requires far more than simply obtaining the answers to the questions outlined above.
In the cyber threat intelligence space, there is confusion (much of which is driven by vendors)... where threat information is positioned as finished intelligence.
Threat intelligence can play an important role in improving an organization’s overall cybersecurity posture, provided the right case is made and the right processes are put in place.