Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

kroll

An Offensive Security Perspective on Hacking the Cloud: Five AWS and Azure Cloud Security Threats to Focus On

May 10, 2024 By Kroll In Kroll
According to Gartner, the global market for cloud infrastructure services increased by 30% in 2022, exceeding $100 billion for the first time. AWS and Azure account for almost two-thirds of this figure. While many organizations benefit from these platforms, the popularity of the cloud can also present significant security challenges.
Read Post
kroll

The OSFI's Intelligence-Led Cyber Resilience Testing (I-CRT) Framework - What You Need to Know

May 7, 2024 By Kroll In Kroll
In April 2023, the Office of the Superintendent of Financial Institutions (OSFI), Canada’s agency responsible for regulating financial institutions, released their Intelligence-led Cyber Resilience Testing Framework (I-CRT)1. Canada’s I-CRT framework is based on similar intelligence-led frameworks which have been used in other countries, such as the Bank of England’s CBEST framework2 and the European Union’s TIBER-EU3.
Read Post
kroll

How to Build an Application Security Program

May 2, 2024 By Kroll In Kroll
Application security is vital for ensuring the resilience of organizations, as it encompasses measures and practices that safeguard applications against potential threats and vulnerabilities. It plays a critical role in safeguarding sensitive data, preventing unauthorized access, and maintaining the integrity and availability of applications.
Read Post
kroll

Penetration Testing as a Service (PTaaS): What is it and How Can it Benefit Your Organization?

Apr 30, 2024 By Kroll In Kroll
Learn about careers with us and search open job opportunities here. Penetration testing as a service (PTaaS) plays a vital role in enabling organizations to mitigate enhance their cyber posture. As a hybrid security solution, it combines automation and human assessments in order to test for vulnerabilities that could be missed by legacy scanning tools.
Read Post

Webinar: Incorporating Digital Risk Exposure in Your Threat Detection Strategy

Apr 26, 2024 By Kroll In Kroll
Watch as Kroll experts Wojcieszek and Scott Hanson outline the key benefits of incorporating surface, deep and dark web intelligence into your threat detection and response plans. During the session, they discuss the top use cases of digital risk protection and the best approaches to mapping out and reducing your digital risk across all areas of the internet. They also outline how security teams can use this external threat intelligence to improve their threat detection and response efforts and get wider visibility across the attack lifecycle.
View Video
kroll

The Impact of PCI DSS 4.0 on Organizational Penetration Testing Strategies

Apr 25, 2024 By Kroll In Kroll
PCI DSS version 4.0 recently took effect on March 31, 2024, and includes no less than 63 new requirements. This is the first update of the information security standard designed to defend against payment and credit card fraud since the release of PCI DSS v3.2 eight years ago.
Read Post
kroll

CVE-2024-3400: Zero-Day Remote Code Execution Vulnerability Exploited to Attack PAN-OS

Apr 23, 2024 By Kroll In Kroll
A command injection vulnerability, being tracked as CVE-2024-3400, was recently discovered in the GlobalProtect feature of Palo Alto Networks PAN-OS software. This vulnerability has a CVSS score of 10 (Critical) and is actively being exploited in the wild. It impacts versions PAN-OS 120.2, PAN-OS 11.0 and PAN-OS 11.1. If exploited on vulnerable PAN-OS versions and distinct feature configurations, an unauthenticated attacker could execute arbitrary code with root privileges on the firewall.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.