The impact of the Great Resignation and the Great Reshuffle is still strongly felt across many industries, including cybersecurity. There is a talent gap: Companies are struggling to hire enough talent to fulfill their needs and goals. Widen the pool…
Category: Help Net Security
Perygee raises $4.75 million to secure most vulnerable IoT and OT devices
Perygee has closed a $4.75 million seed investment led by Ballistic Ventures. The round also includes investment from cybersecurity angels Ray Rothrock, John Donovan, Ohad Finkelstein, Corey Thomas, and Bryson Bort, as well as BBG Ventures, which backs early-stage startups…
Arnica raises $7 million to protect software supply chains without harming developer velocity
Arnica has unveiled the general availability of its product and $7 Million in seed funding. The round was led by Joule Ventures and First Rays Venture Partners, with angel investment from industry leaders including Avi Shua, co-founder & CEO of…
Valence Security raises $25 million to help organizations prioritize and respond to SaaS mesh risks
Valence Security is announcing its $25 million Series A round led by Microsoft’s M12 venture fund with participation from seed investor YL Ventures and additional investors including Porsche Ventures, Akamai Technologies, Alumni Ventures and Michael Fey, CEO of Island and…
InterVision partners with Arctic Wolf to defend organizations against cyberattacks
InterVision has teamed with Arctic Wolf to help proactively protect organizations against today’s cyberattacks. The Arctic Wolf Security Operations Cloud pairs the power, speed, and scale of a cloud-native platform with world-class security operations expertise that provides organizations with comprehensive…
Splunk and ExtraHop integration helps SOC analysts streamline their workflow
ExtraHop has unveiled a new integration between Reveal(x), its network detection and response (NDR) platform, and Splunk SOAR. Using the Reveal(x) integration, Splunk SOAR users now have expanded visibility with packet-level insights from IoT to the cloud including unmanaged devices,…
A quick guide for small cybersecurity teams looking to invest in cyber insurance
In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do they need it? And with what time will…
How cybersecurity VCs find visionary companies in emerging sectors
33N Ventures is fundraising €150 million for investing in cybersecurity and infrastructure software companies across Europe, Israel, and the US. The fund will mostly target investments at Series A and B, with an average ticket size of around €10 million,…
Protecting organizations by understanding end-of-life software risks
CloudSphere recently released the results of its EOL Management and Risk for IT Assets survey, which reveals the level of confidence individuals have regarding which end-of-life (EOL) or near-EOL applications pose a significant risk to businesses. In this Help Net…
What consumers expect from organizations that handle their personal data
In this Help Net Security video, Robert Waitman, Privacy Director and Head of Privacy Research Program at Cisco, discusses the key findings of Cisco’s 2022 Consumer Privacy Survey. This year’s survey highlights the critical need for further transparency as consumers…
Oxeye announces Cloud Native Application Security solution at KubeCon
Oxeye will demonstrate its Cloud Native Application Security solution at KubeCon 2022 in Detroit, Michigan, October 24-28. Located at booth SU74, Oxeye will show how the company’s platform combines static analysis with agentless runtime flow tracing and infrastructure analysis to…
Incoming OpenSSL critical fix: Organizations, users, get ready!
The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library (but does not affect OpenSSL versions before 3.0). According to the…
MyOpenVDP: Open-source web application to securely disclose vulnerabilities
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available on GitHub. How MyOpenVDP works Someone finds a vulnerability or a security bug on your website…
ISARA makes four digital certificate patents publicly available to boost quantum security
ISARA revealed that it is dedicating the intellectual property behind its ISARA Catalyst Agile Digital Certificate Methodology — including four patents — to the public. Industry leaders, including Crypto4A, DigiCert, Entrust, ISARA, Keyfactor, PKI Solutions, Sectigo, and Venafi, are among…
IRISSCERT brings eminent cybersecurity experts to its conference in Dublin
The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference will focus on providing attendees with an overview of the current cyber threats facing…
Fill the cybersecurity talent gap with inquisitive job candidates
The impact of the Great Resignation and the Great Reshuffle is still strongly felt across many industries, including cybersecurity. There is a talent gap: Companies are struggling to hire enough talent to fulfill their needs and goals. Widen the pool…
SecurityScorecard launches two cyber threat intelligence solutions to counter threat actors
SecurityScorecard launches two cyber threat intelligence solutions to deliver a full view of organizations’ global cyber risk exposure. These new offerings, Attack Surface Intelligence (ASI) and Cyber Risk Intelligence (CRI), provide security teams with contextual intelligence, summarized views, and enriched…
Uptycs enhances threat detection capabilities to protect container-based applications
Uptycs announced enhanced Kubernetes and container security capabilities. These new features provide threat detection for container runtime correlated with the Kubernetes control plane attacks alongside scanning of container images in registries for vulnerabilities, malware, credentials, secret keys, and other sensitive…
Scribe Security’s evidence-based security trust hub validates software integrity
Scribe Security launched evidence-based security trust hub, offering a true end-to-end software supply chain security. In recent years, software supply chains—both open-source and proprietary CI/CD pipelines— have become more attack-prone than ever before. In 2022, Gartner listed digital supply chains…
Votiro RetroScan reviews all sanitized files for any previously unknown threats
Votiro launched RetroScan functionality, which produces threat analytics on the undetectable threats that Votiro eliminates. After Votiro removes all potentially malicious components from incoming files, the new RetroScan feature analyzes every file retrospectively over the last seven, fourteen, or twenty…
Akamai Prolexic enhancements increase protection against rising DDoS threats
Akamai announced a significant evolution of its DDoS protection platform (Prolexic) with a global rollout of new, fully software-defined scrubbing centers, which will extend its dedicated defense capacity to 20 Tbps and accelerate future product innovations. In the wake of…
SkyKick Security Manager enables ITSPs to manage Microsoft 365 security
SkyKick releases Security Manager to help IT partners better protect customers in the cloud and accelerate growth by reducing the cost and complexity of delivering security services for their customers. As SMBs continue their shift to the cloud – accelerated…
A quick guide for small cybersecurity teams looking to invest in cyber insurance
In the world of insurance providers and policies, cyber insurance is a fairly new field. And many security teams are trying to wrap their heads around it. What is it and do they need it? And with what time will…
How cybersecurity VCs find visionary companies in emerging sectors
33N Ventures is fundraising €150 million for investing in cybersecurity and infrastructure software companies across Europe, Israel, and the US. The fund will mostly target investments at Series A and B, with an average ticket size of around €10 million,…
Protecting organizations by understanding end-of-life software risks
CloudSphere recently released the results of its EOL Management and Risk for IT Assets survey, which reveals the level of confidence individuals have regarding which end-of-life (EOL) or near-EOL applications pose a significant risk to businesses. In this Help Net…
What consumers expect from organizations that handle their personal data
In this Help Net Security video, Robert Waitman, Privacy Director and Head of Privacy Research Program at Cisco, discusses the key findings of Cisco’s 2022 Consumer Privacy Survey. This year’s survey highlights the critical need for further transparency as consumers…
Loft Labs integrates with Argo CD to automate deployments with virtual clusters
Loft Labs has integrated with the open source tool Argo CD (continuous delivery) to automate the deployment of services to virtual Kubernetes clusters. Now, virtual clusters created in Loft are automatically recognized in Argo CD including user permissions and access…
GoSecure expands partnership with Check Point to improve clients’ cybersecurity defenses
GoSecure and Check Point partnership will enable GoSecure to add support for Check Point’s security products, expanding their open ecosystem of MDR/XDR technology partners. The new technology partnership with Check Point reinforces GoSecure’s commitment to optimizing clients’ investments in security…
Medibank data breach: More customers affected, attacker got in via stolen credentials
Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought. “We have received a series of additional files from the criminal. We have…
Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)
For the ninth time this year, Apple has released fixes for a zero-day vulnerability (CVE-2022-42827) exploited by attackers to compromise iPhones. About CVE-2022-42827 CVE-2022-42827 is an out-of-bounds write issue in the iOS and iPadOS kernel, which can be exploited to…
Key observations on DDoS attacks in H1 2022
In the first half of 2022, the amount of DDoS attacks increased by 75.6% compared to the second half of 2021, according to new Nexusguard research revealed in the company’s DDoS Statistical Report for 1HY 2022. In this Help Net…
What closed-source software developers can learn from their open-source counterparts
Open-source software has reached greater levels of security than ever before, but its increased adoption comes with new challenges. In this Help Net Security video, Josep Prat, Open Source Engineering Director at Aiven, illustrates how threat actors see greater use…
Don’t wait for medical device cybersecurity legislation: Act now to save patients’ lives
Cyberattacks can cost lives — especially in the healthcare sector. Nearly a quarter of healthcare providers victimized by ransomware reported increased mortality rates following an attack, and 70% experienced longer hospital stays or procedure delays leading to poor patient outcomes.…
The long-term psychological effects of ransomware attacks
Northwave has conducted scientific research into the psychological effects of a ransomware crisis on both organizations and individuals. The findings reveal the deep marks that a ransomware crisis leaves on all those affected. It also shows how their IT and…
To retain cybersecurity professionals, keep remote work as an option
(ISC)² highlighted a stark increase in the shortage of cybersecurity professionals as it announced the findings of its 2022 (ISC)² Cybersecurity Workforce Study. The study reveals the global cybersecurity workforce is at an all-time high, with an estimated 4.7 million…
ServiceNow releases Lightstep UQL to extend visibility across Kubernetes applications
ServiceNow has released Lightstep UQL (Unified Query Language) which will help companies extend visibility across Kubernetes applications. Using shift-left observability directly in code, DevOps teams help ensure Kubernetes applications are ‘born’ fully observable and proactively enforce consistency, maintainability, and reproducibility…
GoCardless Protect+ enables merchants to identify fraudulent activity
GoCardless launched Protect+, an end-to-end fraud prevention solution that detects fraudulent activity and protects merchants from potential losses through enhanced payer verification, 24/7 fraud monitoring and chargeback challenges. With Protect+, merchants will be able to improve their overall percentage of…
CyberCube unveils Exposure Databases to allow (re)insurance and broker clients to quantify cyber risk
CyberCube launched a set of detailed Exposure Databases to enable (re)insurers and brokers to perform a wide array of benchmarking, sensitivity, and real-time analyses for cyber risks. The Exposure Databases provide a foundation for cyber risk model and include CyberCube’s…
Jumio enhances KYX Platform to help businesses combat online identity fraud
Jumio unveiled its extended Jumio KYX Platform, with an integrated orchestration hub benefiting from the company’s acquisition of 4Stop. The platform streamlines fraud and eKYC/AML compliance management with the intuitive one-stop orchestration hub, which brings together global data, risk signals,…
AwareID improves identity authentication processes for enterprises
Aware introduced its newest product, AwareID, combining multi-factor authentication and multi-modal biometrics into a single, low-code platform that is pre-configured for the most common use cases and is functional right from the start. “We know that the increased frequency of…
Prove Auth empowers companies to reduce reliance on passwords and one-time passcodes
Prove Identity launches Prove Auth, a next-generation solution for passwordless login and omnichannel authentication. Prove Auth enables companies to reduce reliance on passwords and one-time passcodes (OTPs) and empowers consumers to frictionlessly authenticate in all channels including phones, desktops and…
Scale Computing and Mako Networks deliver edge networking solutions for multi-site operators
Scale Computing and Mako Networks have joined forces to deliver intelligent, reliable, and simple-to-manage total edge solutions. The partnership enables a complete, secure, edge infrastructure that includes robust, reliable compute, and standards-compliant network devices (including PCI DSS), simplified enterprise edge…
CYE appoints Ira Winkler as Field CISO
CYE announced its appointment of Ira Winkler as Field CISO, alongside the expansion of its rapidly growing sales team. Ira joins CYE to bolster its operations in the US as the company continues to expand during a period of hyper…
Hornetsecurity Security Awareness Training reduces the risk of human error
Hornetsecurity launches a next-generation Security Awareness Training, to better equip employees to counter cyber-attacks, building on its international reputation as a cybersecurity leader. Cyber criminals are constantly innovating and attacks are on the rise: Hornetsecurity’s 2022 Ransomware Report found that…
Asset risk management: Getting the basics right
In this interview with Help Net Security, Yossi Appleboum, CEO at Sepio, talks about asset risk management challenges for different industries and where it’s heading. Cyberattacks show no signs of slowing down. What do organizations need to do to boost…
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those certificates. It can issue certificates from a variety of supported sources, including Let’s Encrypt, HashiCorp Vault, and Venafi…
Shadowserver: Get free access to timely, critical Internet security data
The Shadowserver Foundation fulfills a unique role in the cybersecurity ecosystem by supplying vital security information to Internet defenders and law enforcement at no cost. In this Help Net Security video, Piotr Kijewski, CEO at The Shadowserver Foundation, talks about…
Social engineering attacks anybody could fall victim to
Social engineering – also known as human hacking – is an expression that encompasses a number of methods and vectors attackers use to manipulate targets into giving away or providing access to sensitive information, or generally performing actions that are…
Socure releases Sigma Synthetic Fraud Model to identify manipulated and fabricated identities
Socure has released its newest Sigma Synthetic Fraud model, a synthetic identity fraud detection solution that identifies manipulated and fabricated identities with precision. Core to the precision of Sigma Synthetic Fraud is the integration of two critical fraud-fighting features: powerful…
Consumer behaviors are the root of open source risk
Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found that 96% of open source Java downloads with known-vulnerabilities could have been…
Rafay launches Technical Alliance Program and Kubernetes Addon Catalog for Kubernetes management
Driven by customer demand, the Rafay Technical Alliance Program accelerates the ongoing innovation effort between Rafay and strategic partners to deliver enhanced value to mutual customers. Kubernetes adoption within enterprises is frequently stalled by the overwhelming number of software addons…
Syntellis enhances Axiom EDS to deliver data-driven insights for healthcare organizations
Syntellis Performance Solutions has unveiled enhancements to Axiom Enterprise Decision Support (EDS). The new features will better support the increasingly complex data and reporting needs of large healthcare organizations with near real-time insights for faster decision-making and an improved user…
Dremio’s open lakehouse now supports SQL DML and DDL operations on Apache Iceberg
Dremio has unveiled its support for DML operations (insert, update & delete) on Apache Iceberg tables and for time travel for in-place querying of historical data. These features enable key data lakehouse use cases that were previously only available in…
Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)
Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to read and delete files on an affected device, and to execute arbitrary script or access sensitive information.…
Week in review: CISA releases RedEye, Apache Commons Text flaw, Medibank data breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Medibank hack turned into a data breach: The attackers are demanding money Medibank, Australia’s largest private health provider, has confirmed that last week’s “cyber incident”…
New Relic’s Vulnerability Management provides visibility across the entire software stack
New Relic has introduced the public preview of New Relic Vulnerability Management to empower organizations to manage their security posture and risk as a core part of their observability strategy. This new offering helps engineering teams eliminate data and team…
Student Freedom Initiative and Cisco partnership supports cybersecurity infrastructure at HBCUs
Student Freedom Initiative and Cisco have expanded their partnership to bolster cybersecurity infrastructure at Historically Black Colleges and Universities (HBCUs) by adding three prominent Certified Minority Business Enterprises (MBEs)—Procellis Technology, Sology Solutions, and IPC Consulting—to the cybersecurity implementation team. This…
Data visualization: An invaluable tool in a defender’s arsenal
Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and making connections between them and the suspicious activity under investigation is time spent…
New infosec products of the week: October 21, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, Code42, Corelight, EnigmaSoft, Exabeam, Mandiant, and RSA. Code42 enhances Incydr Risk Indicators to help users protect and classify sensitive data Code42 has enhanced its…
Trilio’s Continuous Restore enables users to stage data in multiple heterogeneous clouds
Trilio‘s Continuous Restore offers faster levels of replication, restoration and migration of Kubernetes data and metadata from any cloud or storage platform to another, providing near-instantaneous recovery times for cloud-native applications. Entirely distribution-, cloud- and storage-agnostic, Trilio’s Continuous Restore enables…
Red Hat releases Red Hat Enterprise Linux for Workstations on AWS
Red Hat has released Red Hat Enterprise Linux for Workstations on AWS, a cloud-based, virtual workstation built on the hardened innovation foundation of Red Hat Enterprise Linux. Accessible via an Amazon-provided NICE DCV client or standard web browsers, the service…
Signifyd’s Fearless Payments empowers PSPs to increase authorization rates
Signifyd has launched Fearless Payments for payment providers, a suite of solutions that empowers payment service providers (PSPs) to increase authorization rates while lowering their operating costs and providing their customers with a full financial guarantee against all types of…
SynSaber adds Dynamic Pipeline to its platform to improve scalability and flexibility
SynSaber has added a new Dynamic Pipeline feature to the company’s platform, providing customers with improved scalability and flexibility. Building upon the product launched in February 2022, this update includes a set of features and capabilities to collect, analyze, and…
AtScale names John Langton as VP of worldwide engineering
AtScale has appointed John Langton as the company’s new vice president of worldwide engineering. In this role, John will run global engineering and R&D for AtScale, managing teams in the Bay Area, Boston, Sofia (Bulgaria) and in remote locations. This…
IronNet joins Space ISAC to protect infrastructure essential to missions and exploration in space
IronNet was named the newest Gold member of the Space Information Sharing and Analysis Center (ISAC). Space ISAC members lead the global space community to identify and respond to threats and mitigating risks to the space mission. “Space is the…
Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)
Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to read and delete files on an affected device, and to execute arbitrary script or access sensitive information.…
Medibank hack turned into a data breach: The attackers are demanding money
Medibank, Australia’s largest private health provider, has confirmed that last week’s “cyber incident” has resulted in a data breach. “Medibank has been contacted by a criminal claiming to have stolen 200GB of data,” the company said. “The criminal has provided…
Data visualization: An invaluable tool in a defender’s arsenal
Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and making connections between them and the suspicious activity under investigation is time spent…
New infosec products of the week: October 21, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AwareGO, Code42, Corelight, EnigmaSoft, Exabeam, Mandiant, and RSA. Code42 enhances Incydr Risk Indicators to help users protect and classify sensitive data Code42 has enhanced its…
RSA Mobile Lock detects critical threats on mobile devices
RSA introduced RSA Mobile Lock, a new defense in the war for mobile security and an immediate resolution for one of the weakest points in every organization’s security stance: their users. RSA Mobile Lock detects critical threats on mobile devices…
The companies most likely to lose your data
Web companies are most likely to lose your data, a study shows. The study, conducted by VPN Overview, analysed major data breaches that have been registered since 2004 to discover which industry is most prone to losing data. Online companies…
How phishing campaigns abuse Google Ad click tracking redirects
PhishLabs by HelpSystems has identified attackers leveraging a weakness in Google’s ad service to carry out phishing campaigns on financial institutions. In this Help Net Security video, Kevin Cryan, Director of Operational Intelligence at PhishLabs, talks about how this type…
How supply chain threats will evolve in 2023
Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions and services, as well…
Traefik Hub 1.0 simplifies publication and security of containers at scale
Traefik Labs has announced its new cloud service that enables networking best practices in minutes and helps eliminate the complexity of managing Kubernetes and Docker networking at scale. Cloud native emerged in 2015, the same year Traefik Proxy was open…
Codenotary Trustcenter v3.0 mitigates risks by sifting through billions of software artifacts
Codenotary has revealed that the Trustcenter v3.0 adds a pervasive search capability to find software artifacts that may present problems, along with their change history including the runtime of a container. Until now, organizations with millions or billions of artifacts…
SolarWinds Observability provides visibility in both public and private clouds
SolarWinds has launched SolarWinds Observability, a fully-integrated, cloud-native SaaS offering that provides unified and comprehensive visibility for distributed, hybrid, and multi-cloud IT environments. SolarWinds Observability enables customers to accelerate digital transformation through powerful machine learning (ML) and artificial intelligence (AI)…
MetricStream Euphrates enables enterprises to improve their GRC program performance
MetricStream has unveiled its latest product release, focused on accelerating GRC program performance. The purpose-built low-code/no-code platform empowers customers to easily personalize and configure products to their needs. New APIs help connect MetricStream with external systems and enrich GRC insights…
Code42 enhances Incydr Risk Indicators to help users protect and classify sensitive data
Code42 has enhanced its Incydr Risk Indicators (IRIs) within the Code42 Incydr product to detect and label file downloads from corporate systems. By understanding the source system from which a file came, security analysts can better prioritize what data exfiltration…
Veritas Alta empowers customers to accelerate their transition to cloud
Veritas Technologies has advanced its Autonomous Data Management strategy with the launch of Veritas Alta, a cloud data management platform that helps enterprises transition mission-critical workloads to the cloud. Veritas Alta harnesses the benefits of the cloud to reduce costs,…
Presidio Active Response Solution Set strengthens ransomware preparedness for businesses
To further address the increasing cybersecurity threat landscape, Presidio has revealed a new cybersecurity Active Response Solution Set to help clients be prepared for a ransomware event with assessments, preparedness, active response, and recovery. Ransomware is one of the largest…
IBM Diamondback Tape Library protects hybrid cloud environments against cyber threats
IBM is extending its portfolio of data resilience solutions with the introduction of the IBM Diamondback Tape Library, a high-density archival storage solution that is physically air-gapped to help protect against ransomware and other cyber threats in hybrid cloud environments.…
DirectDefense collaborates with Halcyon to protect users against ransomware
As a DirectDefense and Halcyon partnership result, DirectDefense will now offer the Halcyon Anti-Ransomware & Endpoint Resilience Platform as part of its Managed Detection and Response (“MDR”) offerings. “Ransomware is on the rise and threat actor groups are becoming increasingly…
Votiro integrates with Box to prevent new and unknown threats before they enter the network
Votiro has unveiled its integration with Box’s Content Cloud to prevent ransomware and other evasive file-borne threats from entering users’ content collaboration applications and environments. Users can seamlessly connect Votiro Cloud to Box to provide an essential layer of security…
Cynet unveils Global Partner Program to reduce operational and buying costs for partners
Cynet has launched its newly optimized Global Partner Program, which offers channel sales organizations the ability to increase profitability on their Cynet business. The updated program includes new pricing, discounts and resources aimed at streamlining the partner journey to reduce…
Sheila Carpenter joins Everbridge as CIO
Everbridge has appointed Sheila Carpenter as Chief Information Officer (CIO), responsible for leading the company’s global information technology (IT) efforts, including corporate IT infrastructure, technology systems, and enterprise architecture. Sheila reports to Chief Executive Officer Dave Wagner, and will oversee…
Smartfin led consortium acquires Hex-Rays to accelerate product innovation efforts
Hex-Rays has been acquired by a consortium of investors led by Smartfin, and including co-investors SFPIM and SRIW. Ilfak Guilfanov, the founder of Hex-Rays and architect of the technology platform, also reinvests a substantial amount in the new structure. Founded…
(ISC)² to aid cybersecurity professional development in emerging economies
(ISC)² has signed a Memorandum of Understanding (MOU) with the Korea Internet & Security Agency (KISA) to strenghten cybersecurity professional development in emerging economies. The collaboration will leverage the expertise of both organizations to nurture the global cybersecurity workforce in…
Product showcase: ImmuniWeb Discovery – attack surface management with dark web monitoring
Organizations around the globe struggle to identify their IT assets hosted in a multicloud environment, on premise or managed by numerous third parties. The lack of visibility prevents the cybersecurity teams from protecting their corporate IT infrastructure and data, inevitably…
Want to be a CISO? Being technical is just one of the requirements
As data breaches’ financial and reputational costs continue to reach new heights, cybersecurity should be on top of mind for leadership across every industry. Recent Proofpoint research found that 65% of board members believe their organization is at risk of…
Why chasing risk assessments will have you chasing your tail
Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third parties, meaning they may feel the need to conduct over 5,000 risk assessments. In the old school method,…
Ransomware preparedness: What are you doing wrong?
Axio released its 2022 State of Ransomware Preparedness research report, revealing that although notable improvements have been made since Axio’s 2021 report, organizational ransomware preparedness continues to be insufficient to keep pace with new attack vectors. The report reveals that…
Open banking API security: Best practices to ensure a safe journey
More than 9 in 10 financial sectors accept that open banking is vital to their organization. The demand for fast, hassle-free, and personalized banking and financial services among customers is driving the rapid adoption of open banking. However, nearly 50%…
The most dangerous connected devices
The growing number and diversity of connected devices in every industry present new challenges for organizations to understand and manage the risks they are exposed to. In this Help Net Security video, Daniel Dos Santos, Head of Security Research at…
Styra’s policy bundle management features strengthen software supply chain security
Styra introduced a comprehensive set of policy bundle management capabilities to Styra Declarative Authorization Service (DAS). These new bundle management features are essential for meeting software supply chain security requirements and benefit customers seeking to optimize ever growing IT resource…
Cybellum Product Incident Response module helps PSIRT investigate threats related to devices in the field
Cybellum has launched a new Product Incident Response module to help Product Security Incident Response Teams (PSIRT) to monitor and investigate threats related to devices that are already in operational use in the field. Enhanced workflow automation gives PSIRT team…
Cyral platform updates enable customers to run risk-based data governance
Cyral is putting an end to massive data leaks with the release of a new version of its platform. In addition to user interface (UI) updates, the platform enables customers to run risk-based data governance, an approach to database security…
Corelight Cloud Sensor SaaS for AWS accelerates incident response for security teams
Corelight has expanded its Cloud Security Solutions suite with a software-as-a-service (SaaS) solution for Amazon Web Services (AWS). With Corelight Cloud Sensor SaaS for AWS, security teams can achieve uniform network visibility for incident response and threat hunting capabilities to…
Sophos expands its MDR offering to include compatibility with third-party cybersecurity products
Sophos has launched new third-party security technology compatibilities with Sophos Managed Detection and Response (MDR) to better detect and remediate attacks across diverse customer and operating environments. The service now integrates telemetry from third-party endpoint, firewall, cloud, identity, email, and…
EnigmaSoft SpyHunter Pro combines anti-malware detection and blocking to enhance privacy protection
EnigmaSoft Limited is offering SpyHunter Pro, a brand new enhanced, and feature-packed premium anti-malware product that builds on EnigmaSoft’s expertise in cyber security and developing anti-malware products. SpyHunter Pro is a Windows anti-malware application that combines SpyHunter’s effective system guards…
Cado varc allows security professionals to collect a snapshot of volatile data
Cado Security launches its new open source community tool, Cado varc, allowing security analysts to collect a snapshot of volatile data, adding critical context to incident investigations. By enabling security professionals to drastically simplify the collection and analysis of volatile…