Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this series, you’ll hear directly from Vanta’s Security, Enterprise Engineering, and Privacy, Risk, & Compliance Teams to learn about the team’s approach to keeping Vanta — and most importantly, our customers — secure. ‍ The following post comes from our Security Team and explains our approach to threat modeling. ‍ ‍

Our most recent product and feature release further secures software supply chains, extends Tanium’s single view of endpoint data to additional ARM-powered devices, and expands the capabilities of our Risk & Compliance solution.

Cloudflare has done several deep dives into Zero Trust performance in 2023 alone: one in January, one in March, and one for Speed Week. In each of them, we outline a series of tests we perform and then show that we’re the fastest. While some may think that this is a marketing stunt, it’s not: the tests we devised aren’t necessarily built to make us look the best, our network makes us look the best when we run the tests.

A threat actor tracked as “Muddled Libra” is using the 0ktapus phishing kit to gain initial access to organizations in the software automation, business process outsourcing, telecommunications, and technology industries, according to researchers at Palo Alto Networks’ Unit 42.

Strong, resilient security operations require the proper melding of people, technology, and processes to achieve the goal of reducing the likelihood and impact of cyber threats. The right security operations center (SOC) will strengthen the overall security resiliency of an organization. The wrong one will tax your team — leading to mistakes, breaches, and losses.

Open source code is a vital aspect of modern development. It allows developers to increase their application’s functionality, while reducing overall development time. However, the system isn’t perfect. The nature of third party software and it’s dependencies often creates opportunity for security vulnerabilities to lurk in libraries and downloads.