access control

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

access control, CVE, Don't miss, firewall, Hot stuff, News, security update, SonicWall, vulnerability /

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) 2024-08-26 at 21:32 By Zeljka Zorz SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is an improper access control vulnerability in the “SonicWall SonicOS […]

React to this headline:

Loading spinner

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766) Read More »

Organizations fail to log 44% of cyber attacks, major exposure gaps remain

access control, cybersecurity, network, News, Picus Security, report, threat /

Organizations fail to log 44% of cyber attacks, major exposure gaps remain 2024-08-02 at 07:31 By Help Net Security 40% of tested environments allowed attack paths that lead to domain admin access, according to Picus Security. Achieving domain admin access is particularly concerning because it is the highest level of access within an organization’s IT

React to this headline:

Loading spinner

Organizations fail to log 44% of cyber attacks, major exposure gaps remain Read More »

How CISOs enable ITDR approach through the principle of least privilege

access control, access management, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, News, Opal Security, opinion, regulation, threat detection /

How CISOs enable ITDR approach through the principle of least privilege 2024-07-25 at 07:31 By Help Net Security Somewhere, right now, a CISO is in a boardroom making their best case for stronger identity threat detection and response (ITDR) initiatives to lower the risk of intrusion. For a good reason, too: Look no further than

React to this headline:

Loading spinner

How CISOs enable ITDR approach through the principle of least privilege Read More »

The CISO’s approach to AI: Balancing transformation with trust

access control, Artificial Intelligence, CISO, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, risk, Risk Management /

The CISO’s approach to AI: Balancing transformation with trust 2024-07-23 at 07:31 By Help Net Security As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are unprepared, lacking clear policies and adequate employee training to mitigate these new dangers.

React to this headline:

Loading spinner

The CISO’s approach to AI: Balancing transformation with trust Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy /

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Loading spinner

Overlooked essentials: API security best practices Read More »

Risk related to non-human identities: Believe the hype, reject the FUD

access control, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, News, opinion, Sweet Security /

Risk related to non-human identities: Believe the hype, reject the FUD 2024-07-15 at 08:01 By Help Net Security The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related breaches is causing some of

React to this headline:

Loading spinner

Risk related to non-human identities: Believe the hype, reject the FUD Read More »

Maximizing productivity with Copilot for Microsoft 365: A security perspective

access control, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft 365, risk, Varonis, Video /

Maximizing productivity with Copilot for Microsoft 365: A security perspective 2024-06-13 at 06:31 By Help Net Security In this Help Net Security video, Brian Vecci, Field CTO at Varonis, talks about maximizing the potential of Microsoft Copilot for 365. He highlights its productivity benefits and addresses critical security challenges, providing actionable steps to ensure safe

React to this headline:

Loading spinner

Maximizing productivity with Copilot for Microsoft 365: A security perspective Read More »

The importance of access controls in incident response

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, Incident Response, News, opinion, Rootly /

The importance of access controls in incident response 2024-05-17 at 12:31 By Help Net Security The worst time to find out your company doesn’t have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the

React to this headline:

Loading spinner

The importance of access controls in incident response Read More »

Who owns customer identity?

access control, authentication, Compliance, cybersecurity, Descope, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, MFA, News, opinion /

Who owns customer identity? 2024-04-18 at 07:31 By Help Net Security When I’m talking with prospective clients, I like to ask: which department owns customer identity? Everyone immediately looks towards a different team. While every team touches customer identity at some point, the teams that own it differ from organization to organization. From my experience,

React to this headline:

Loading spinner

Who owns customer identity? Read More »

AI set to enhance cybersecurity roles, not replace them

access control, Artificial Intelligence, Cloud Security Alliance, Compliance, cybersecurity, Don't miss, Features, generative AI, Hot stuff, News, opinion, regulation, risk, training /

AI set to enhance cybersecurity roles, not replace them 2024-04-16 at 07:02 By Mirko Zorz In this Help Net Security interview, Caleb Sima, Chair of CSA AI Security Alliance, discusses how AI empowers security pros, emphasizing its role in enhancing skills and productivity rather than replacing staff. AI is seen as empowering rather than replacing

React to this headline:

Loading spinner

AI set to enhance cybersecurity roles, not replace them Read More »

Strengthening critical infrastructure cybersecurity is a balancing act

access control, attacks, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, information sharing, News, opinion, regulation, resilience, strategy, zero trust /

Strengthening critical infrastructure cybersecurity is a balancing act 2024-03-26 at 07:31 By Mirko Zorz In this Help Net Security interview, Aaron Crow, Senior Director at MorganFranklin Consulting, discusses critical infrastructure cybersecurity strategies, barriers to threat information sharing, and innovative technologies enhancing resilience against cyberattacks. How do current cybersecurity strategies address the critical infrastructure sectors’ unique

React to this headline:

Loading spinner

Strengthening critical infrastructure cybersecurity is a balancing act Read More »

AI and the future of corporate security

access control, Artificial Intelligence, cybersecurity, Don't miss, Everbridge, fraud, Hot stuff, Insider Threat, threats, Video /

AI and the future of corporate security 2024-03-15 at 06:30 By Help Net Security In this Help Net Security video, Tracy Reinhold, CSO at Everbridge, discusses why AI technology must be embraced while also exploring some guardrails that must be in place to protect organizations against threats using AI to penetrate facilities. The post AI

React to this headline:

Loading spinner

AI and the future of corporate security Read More »

How advances in AI are impacting business cybersecurity

access control, Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Forcepoint, Hot stuff, News, opinion, policy, risk /

How advances in AI are impacting business cybersecurity 2024-03-12 at 07:52 By Help Net Security While ChatGPT and Bard have proven to be valuable tools for developers, marketers, and consumers, they also carry the risk of unintentionally exposing sensitive and confidential data. From a security point of view, it always pays to think one step

React to this headline:

Loading spinner

How advances in AI are impacting business cybersecurity Read More »

How threat actors abuse OAuth apps

access control, access management, Application Security, Astrix Security, attacks, cybersecurity, Don't miss, Hot stuff, OAuth, Video /

How threat actors abuse OAuth apps 2024-02-08 at 06:31 By Help Net Security OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security video, Tal Skverer, Research Team Lead at Astrix Security, shares insights on how

React to this headline:

Loading spinner

How threat actors abuse OAuth apps Read More »

Prioritizing cybercrime intelligence for effective decision-making in cybersecurity

access control, CISO, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, Hudson Rock, News, opinion, risk assessment, strategy, Threat Intelligence, tips /

Prioritizing cybercrime intelligence for effective decision-making in cybersecurity 2024-01-29 at 07:32 By Mirko Zorz In this Help Net Security interview, Alon Gal, CTO at Hudson Rock, discusses integrating cybercrime intelligence into existing security infrastructures. Our discussion will cover a range of essential aspects, from the importance of continuous adaptation in cybersecurity strategies to practical advice

React to this headline:

Loading spinner

Prioritizing cybercrime intelligence for effective decision-making in cybersecurity Read More »

3 ways to combat rising OAuth SaaS attacks

access control, Adaptive Shield, attacks, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, monitoring, News, OAuth, opinion, SaaS /

3 ways to combat rising OAuth SaaS attacks 2024-01-16 at 07:31 By Help Net Security OAuth attacks are on the rise. In December, the Microsoft Threat Intelligence team observed threat actors misusing OAuth apps to take over a cloud server and mine cryptocurrency, establish persistence following business email compromise and launch spam activity using the

React to this headline:

Loading spinner

3 ways to combat rising OAuth SaaS attacks Read More »

Preventing insider access from leaking to malicious actors

access control, access management, cybersecurity, Don't miss, Gutsy, Hot stuff, privileged accounts, risk, Video /

Preventing insider access from leaking to malicious actors 2024-01-15 at 07:32 By Help Net Security In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world implications and potential impact on an organization’s security posture if off-boarding isn’t handled thoroughly. The

React to this headline:

Loading spinner

Preventing insider access from leaking to malicious actors Read More »

The new imperative in API security strategy

access control, API security, authentication, cybersecurity, News, report, SSO, survey, Wallarm /

The new imperative in API security strategy 16/11/2023 at 07:01 By Help Net Security Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles Open authentication (OAuth), single-sign on (SSO) and JSON Web Token (JWT),

React to this headline:

Loading spinner

The new imperative in API security strategy Read More »

Collaborative strategies are key to enhanced ICS security

access control, antivirus, collaboration, cybersecurity, Don't miss, Encryption, Features, firewall, framework, Hot stuff, identity management, News, opinion, regulation, risk assessment, Schneider Electric, standards, strategy, training /

Collaborative strategies are key to enhanced ICS security 14/11/2023 at 08:32 By Mirko Zorz In this Help Net Security interview, Marko Gulan, Cyber Security Consultant at Schneider Electric, discusses the complexities of safeguarding industrial control systems (ICS). Our conversation will explore the importance of cross-departmental collaboration, balancing security with system functionality, and the dynamic nature

React to this headline:

Loading spinner

Collaborative strategies are key to enhanced ICS security Read More »

Using real-time monitoring to identify and mitigate threats

access control, cybersecurity, Don't miss, Hot stuff, monitoring, Netdata, threats, user behavior, Video /

Using real-time monitoring to identify and mitigate threats 14/11/2023 at 08:02 By Help Net Security From identifying unusual behavior patterns to detecting unauthorized access, real-time monitoring provides a view of your digital environment, ensuring that threats are spotted and dealt with before they can cause harm. In this Help Net Security video, Costa Tsaousis, CEO

React to this headline:

Loading spinner

Using real-time monitoring to identify and mitigate threats Read More »

Scroll to Top