Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The U.K. government’s cybersecurity agency plans to ship a collection of well-tested, reliable scanning scripts to help defenders mitigate high-priority software flaws. [Read More]
Security updates released for PrinterLogic Web Stack and the Virtual Appliance address nine security bugs, including a trio of high-severity issues. [Read More]
Redmond announces improved security for Microsoft Offices users, courtesy of Excel 4.0 (XLM) macros now being restricted by default. [Read More]
Cloud security and compliance automation startup Anitian has banked a $55 million Series B round led by Sageview Capital. [Read More]
The IPv6 guidance provides federal agencies with information on IPv6 and its security features, along with security considerations on the network protocol. [Read More]
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. [Read More]
Google researcher documents a pair of Zoom security defects and chides the company for missing a decades-old anti-exploit mitigation. [Read More]
1Password has closed a new $620 million funding round, pushing the password management software vendor's valuation to $6.8 billion. [Read More]
Banyan Security plans to invest the funds in sales and marketing, product development, and market expansion. [Read More]
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without needing access to the target's phone. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Laurence Pitt's picture
Defense-in-depth encourages a review of all tools in place, ultimately defining a strategy to use everything available to create a layered security approach between users (or potential attackers) and applications/microservices in use.
John Maddison's picture
Zero-trust network access (ZTNA) simplifies secure connectivity by providing seamless, per-use access to applications, no matter where the user or application may be located.
Torsten George's picture
While there is no silver bullet to prevent cybersecurity attacks, ZTNA has become a necessity for organizations on their digital transformation journey by allowing to minimize the attack surface while ensuring the productivity of remote workers.
Torsten George's picture
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
William Lin's picture
The most common “new project” in identity nowadays is in Zero Trust. This concept has been evolving for years, and is building controls around an interesting premise: the idea that every resource will one day be internet-facing.
Joshua Goldfarb's picture
Josh Goldfarb debunks the most common myths surrounding fraud, security and user experience.
Torsten George's picture
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access.
Torsten George's picture
Ultimately, organizations must assume that bad actors are already in their networks. And consumers must realize they’re constant targets.
Torsten George's picture
Today’s dynamic threatscape requires security professionals to adjust to an ever-expanding attack surface.
Torsten George's picture
The tactics, techniques, and procedures (TTPs) used in the Twitter attack were not much different than in the majority of other data breaches and serve as valuable lessons for designing a modern cyber defense strategy.