%term

API, Identities and solving for the biggest challenges

Nov 14, 2024 By Anirban Banerjee In Riscosity

API calls are the backbone of modern software, enabling applications to communicate and share data seamlessly. However, with this integration comes the challenge of understanding and managing the identities used in API calls. These identities, often tied to authentication and authorization mechanisms, are crucial for determining what data is accessed and exchanged.

Read Post

Riscosity

Read more about API, Identities and solving for the biggest challenges

Understand How Internet Exposure Impacts Vulnerability Management and Cyber Risk

Nov 14, 2024 By Aaron Unterberger In Nucleus

As organizations continue to embrace digital transformation, their infrastructure increasingly spans cloud environments, third-party integrations, and remote work setups. This shift enhances efficiency and productivity—but also broadens the digital attack surface, creating new points of exposure to the public internet.

Read Post

Nucleus

Read more about Understand How Internet Exposure Impacts Vulnerability Management and Cyber Risk

FedRAMP Certification and Data Security

Nov 13, 2024 By Anirban Banerjee In Riscosity

Federal Risk and Authorization Management Program (FedRAMP) and State Risk and Authorization Management Program (StateRAMP) are pivotal frameworks for securing cloud services used by federal and state governments, respectively. These programs mandate stringent security protocols, emphasizing the need for organizations to manage and disclose third-party involvement in delivering software services to the government.

Read Post

Riscosity

Read more about FedRAMP Certification and Data Security

Is the ASX 200 Resilient to Cyber Threats? Our Report Says No.

Nov 13, 2024 By Greg Pollock In UpGuard

In today’s rapidly evolving digital landscape, managing cyber risk has become essential for sustaining corporate growth and resilience. Cyber risk management requires balancing corporate growth against the evolving tactics of threat actors and governmental regulations – a daunting task that requires continuous measurement and strategic reflection.

Read Post

UpGuard

Read more about Is the ASX 200 Resilient to Cyber Threats? Our Report Says No.

Navigating the SEC Cyber Regulations and 8K reporting for smaller entities

Nov 13, 2024 By Kovrr - Cyber Risk Quantification In Kovrr

On June 15, 2024, half a year after the SEC's cybersecurity regulations were enacted, smaller organizations—those with a public float under $250 million or annual revenue under $100 million—were finally subject to report material cyber events on Form 8-K, Line 1.05. However, as the larger entities have already demonstrated, determining materiality can be complex, requiring stakeholders to consider financial loss, compromised data records, operational impacts, and more.

View Video

Kovrr

Read more about Navigating the SEC Cyber Regulations and 8K reporting for smaller entities

Office Hours with Dr. Jack Freund With special guest, Or Amir, Product Manager at Kovrr

Nov 13, 2024 By Kovrr - Cyber Risk Quantification In Kovrr

* Explore some of the top use cases for which our on-demand CRQ platform is utilized, walking through the specific features and how to leverage them for each of the use cases. These use cases include high-level communication and board reporting, insurance optimization, budgeting, and additional resource justification.

View Video

Kovrr

Read more about Office Hours with Dr. Jack Freund With special guest, Or Amir, Product Manager at Kovrr

Introducing Veracode Risk Manager: A New Chapter in ASPM Built for Scale

Nov 13, 2024 By Derek Maki In Veracode

In a digital world that’s evolving faster than ever, industry landscapes are shifting, and customer needs are becoming more complex. At Veracode, we recognize these fundamental changes in the application security space. That’s why Veracode strategically acquired Longbow Security, now rebranded as Veracode Risk Manager.

Read Post

Veracode

Read more about Introducing Veracode Risk Manager: A New Chapter in ASPM Built for Scale

ICS Security Is a Team Sport

Nov 12, 2024 By Brandon Smith In BitSight

As we discussed in the first article in this series, there are many Internet-exposed control systems, but they are very different from traditional IT systems and require a different security approach. With these systems being so critical and controlling processes that can potentially lead to loss of life if they fail, what is being done to tackle this issue? In this article I’ll dive into this and more, looking at.

Read Post

BitSight

Read more about ICS Security Is a Team Sport

SecurityScorecard Connector Demo

Nov 12, 2024 By Nucleus In Nucleus

In this demo of Nucleus Security's integration with SecurityScorecard, learn how users can set up, manage, and leverage this connection for enriched vulnerability and asset data.

View Video

Nucleus

Read more about SecurityScorecard Connector Demo

The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat

Nov 12, 2024 By SecurityScorecard In SecurityScorecard

A silent danger is sweeping through the world’s critical infrastructure. The SecurityScorecard STRIKE Team has uncovered a resurgence of Volt Typhoon—a state-sponsored cyber-espionage group from the Asia-Pacific region, known for its precision and persistence. This is no ordinary attack. Volt Typhoon exploits unprotected, outdated edge devices within targeted critical infrastructure.

Read Post