remediation

China-linked spies backdoored authentication stack to stay hidden for years

2026-06-15 at 18:27 By Zeljka Zorz

A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the results of a forensic investigation published by cybersecurity firm Sygnia. The group’s […]

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom

2026-01-28 at 08:15 By Help Net Security

Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed

The 2026 State of Pentesting: Why delivery and follow-through matter more than ever

2026-01-21 at 07:34 By Help Net Security

Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is how findings are handled after the testing concludes. The method of reporting,

Downtime pushes resilience planning into security operations

2026-01-12 at 07:18 By Anamarija Pogorelec

CISOs describe a shift in how they define success. New research from Absolute Security shows broad agreement that resilience outweighs security goals centered on prevention alone. Security leaders increasingly define their role around keeping the business operating through disruption. The cost of

Fragmented tooling slows vulnerability management

2025-11-28 at 07:32 By Anamarija Pogorelec

Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new report by Hackuity.

Fragmented detection and slow remediation

Organizations use a formalized approach to manage vulnerabilities, but their

Financial services can’t shake security debt

2025-11-04 at 07:30 By Anamarija Pogorelec

In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report. Researchers analyzed data

Exposed and unaware? Smart buildings need smarter risk controls

2025-07-04 at 08:01 By Help Net Security

75% of organizations have building management systems (BMS) affected by known exploited vulnerabilities (KEVs), according to Claroty. The post Exposed and unaware? Smart buildings need smarter risk controls appeared first on Help Net Security. This article is an excerpt

Developing an effective cyberwarfare response plan

2024-09-27 at 07:01 By Mirko Zorz

In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication. Izrael emphasizes the need for AI-powered defenses and proactive cybersecurity strategies to combat these evolving threats. How has adopting AI

Detecting vulnerable code in software dependencies is more complex than it seems

2024-09-18 at 07:31 By Mirko Zorz

In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies. Plate also discusses the limitations of traditional software composition analysis (SCA) solutions

How to make Infrastructure as Code secure by default

2024-09-13 at 07:46 By Help Net Security

Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we do to make IaC secure by default? Security workflows for IaC

Strategies for preventing AI misuse in cybersecurity

2024-05-06 at 08:01 By Mirko Zorz

As organizations increasingly adopt AI, they face unique challenges in updating AI models to keep pace with evolving threats while ensuring seamless integration into existing cybersecurity frameworks. In this Help Net Security interview, Pukar Hamal, CEO at SecurityPal, discusses the integration of

Does AI remediation spell the end for developers in 2024?

2024-02-27 at 07:03 By Help Net Security

Big tech firms are already rolling out AI remediation tools to prevent developers from introducing security risks into the software development lifecycle (SDLC). In this Help Net Security video, Matias Madou, CTO at Secure Code Warrior, discusses how

The effect of omission bias on vulnerability management

2024-01-24 at 08:31 By Help Net Security

Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management.

Vulnerability disclosure: Legal risks and ethical considerations for researchers

27/11/2023 at 07:32 By Mirko Zorz

In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity. Zhang explores the intricate balancing act that researchers must perform when navigating the interests of

Scaling rapidly? Your application security strategies need to keep up

23/10/2023 at 07:01 By Help Net Security

Modern application security strategies must support and enable modern software development, even as it rapidly scales, according to Mend.io. Just 52% of companies can effectively remediate critical vulnerabilities and only 41% are confident they can manage the security

How to go from collecting risk data to actually reducing risk?

17/10/2023 at 08:17 By Help Net Security

Organizations trying to cope with securing their expanding attack surfaces eventually find themselves at a crossroads: they need to move beyond finding risks to effectively mitigating risk. Making that transition starts with a shift from using “risks

Keeping up with the demands of the cyber insurance market

12/10/2023 at 08:01 By Help Net Security

Cyber insurance has been around longer than most of us think. When American International Group (AIG) launched the first cyber insurance policy in 1997, it stepped into completely unknown territory to gain market share. Now, 26 years later,

Why zero trust delivers even more resilience than you think

10/10/2023 at 08:04 By Help Net Security

Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable trend than as a mere option on the security menu.

Tackling cyber risks head-on using security questionnaires

04/10/2023 at 07:33 By Mirko Zorz

In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data. Many organizations

Despite rising insider risk costs, budgets are being wasted in the wrong places

25/09/2023 at 06:02 By Help Net Security

The cost of an insider risk is the highest it’s ever been, as organizations spend more time than ever trying to contain insider incidents, according to DTEX Systems. The average annual cost of an insider
