Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Bug Bounty Programs: Boosting Public Confidence in Your Product

Apr 4, 2023 By Razorthorn In Razorthorn
In this video, Jonathan Care shares his views on the usefulness of bug bounty programs in instilling public confidence in a product. He notes that for payment service providers, large online retailers, and those with substantial B2C or B2B2C offerings, bug bounty programs can be particularly valuable. Additionally, if a company's clientele is security conscious, implementing a bug bounty program can be a useful piece in their overall security strategy. Jonathan does not believe that bug bounty programs will replace traditional pen testing, as both are important measures of quality. Ultimately, he emphasizes the importance of implementing a comprehensive security strategy to maintain public trust in a product.
View Video
bitsight

What is Vulnerability Monitoring? Benefits, Tools, and Best Practices

Apr 4, 2023 By Sabrina Pagnotta In BitSight

In today’s ever changing cyber risk landscape, your organization must adopt a vulnerability management framework to control exposure and remediate risks in a timely manner. In an earlier blog, we explained the vulnerability management process. Here, we explore a key part of that process – vulnerability monitoring – in greater depth.

Read Post
manageengine

Data sovereignty in the cloud: A Canadian perspective

Apr 3, 2023 By ManageEngine In ManageEngine

Cloud computing has made its way to organizations’ IT infrastructure strategy rapidly over the past few years. In particular, Canadian businesses are showing an increased adoption. This article decodes how Canada’s IT infrastructure shaped up in the last decade, why data sovereignty is now a hot topic, and what the future holds for the cloud. While on-premises IT infrastructure continues to be relevant even today, both SMBs and enterprises are now embracing the cloud more than ever.

Read Post
kovrr

New regulation from the SEC to require companies to report how cyber risk could affect them financially

Apr 3, 2023 By Kovrr In Kovrr
Against the backdrop of the growing frequency and severity of cyber attacks against enterprises, proposed new regulations from The Securities and Exchange Commission (SEC) are set to require publicly traded companies in the U.S. to analyze how cyber risk could affect financial statements. ‍
Read Post
elastic

Elastic Global Threat Report Breakdown: Credential Access

Apr 3, 2023 By Devon Kerr In Elastic
In the second part of our breaking down the Elastic Global Threat Report series, we’re focusing on the credential access tactic, which was the third-most common category of behavior we observed. Roughly 10% of all techniques we saw involved one form of credential theft or another and dissecting this class of behaviors is helpful both to improve our understanding of threats and to better understand enterprise risks.
Read Post
splunk

Using Workflow Actions & OSINT for Threat Hunting in Splunk

Apr 3, 2023 By Ryan Kovar In Splunk
Picture yourself, a threat hunter using Splunk, and the words "workflow action" are uttered by your helpful security Splunker... Workflow actions make you a faster and more effective security analyst. They allow you to skip the laborious steps of logging into various websites to do your job and just get straight to business.
Read Post
device authority

Can You Teach Legacy IoMT New Tricks?

Apr 3, 2023 By Louise José In Device Authority

In the ever-changing world of IoT, early adopters of this technology, including many medical and manufacturing organizations, are finding that the devices they so heavily invested in are now less secure than ever. You might think that the only solution is to replace existing technology with new greenfield devices, but is there a way to extend the life of existing equipment, minimizing the cost of new technology and the overall impact your corporation has on the environment?

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.