We had a CISO community Fireside on "Practical Approach To Understanding Attack Surface Management (ASM) In 2023" with Chris Ray (security architect) and Bikash Barai (cofounder CISO Platform, FireCompass). We discussed on how ASM dramatically improv

Hello Members,

There has been some very interesting findings in the Verizon DBIR Report 2022. The community has been asking many questions and is excited. We requested a community session from our partner firecompass research division which you can j

We're talking about the latest Java-based vulnerability CVE-2021-44228. Recently, a critical Zero-day vulnerability has been found in log4j which permits Remote Code Execution (RCE) allowing the attackers to get remote access. The Vulnerability got

Keynotes From World-Renowned Industry Experts (Best Of The World) :  

• "The state of security markets and changing buying priorities" by Maria Kussmaul - Head Security, Investment Banking | Wharton School 
• "Q3 2021 Changes To The Entire IT Secur

I got into a very insightful debate with somebody who will remain nameless in the beginning of this post, but will perhaps be revealed later. The debate focused on the role of context in threat detection.

Specifically, it is about the role of local c

Definition
Penetration testing and red teaming activities have traditionally been heavily dependent on human testers and their toolkits of commercial and proprietary tools. A new market of solutions is emerging that can fully or semiautomate continuo

There are only 3 fundamental ways to stop attacks from motivated and intelligent adversaries.

Let’s identify and explore those options, and discuss how they may be applied to undermine Ransomware.

This video is the latest installment of a multi-part

The ‘SolarWinds hack’, a cyberattack recently discovered in the United States, has emerged as one of the biggest ever targeted against the US government, its agencies and several other private companies.

About Speaker
Sudhakar is Progressive CEO an

The attack was first detected on 2nd July and had spread to over over 30 MSPs and over 1,500 businesses in the US, AUS, EU, LATAM and Asia. 

The customers received the malicious “VSA agent hotfix” pack that was able to overcome anti-virus protections

Key Takeaways (Summary by Anton Chuvakin):

• SOC is first a TEAM. Next a PROCESS. And it uses TECHNOLOGY too, but ultimately people and process defines SOC success
• Key challenges in building a modern SOC include (1) gaining visibility with the expa

About The Report

In the Hype Cycle for Security Operations 2021, Gartner points out, organizations that can easily identify the event types that will impact their business in terms of brand damage or reduced operational capacity, stand a much greater

As enterprises battle to conquer the new normal, an old concept of ‘Zero Trust’ has come to the fore. What is zero trust and how pertinent is it for the situation that businesses find themselves? What is the right approach to implement this framework

We are very excited about the 13th year of the Summit. Here's a quick glance to help you see what's the excitement about.

Date & Venue : 2-3 June, 2021. Virtual Platform

Register here : https://bit.ly/3b56OaY

Keynotes By International Experts

• T

Cross-posted from Anton on Security

This is a quick “let’s think about it together” post focused on the future of cloud security.

Our logical starting point is: “Through 2025, 99% of cloud security failures will be the customer’s fault.” (source: Gartn

Secure access service edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept that Gartner described in the August 2019 report The Future of Network Security in the Cloud.

Before diving into the specifics of SASE, it’s important to un

The intent of using IT Governance Risk Compliance (IT GRC) tools and capabilities is to report and manage IT Risks. We will study the critical platform capabilities for IT GRC Tools.

Critical Platform Capabilities In IT GRC Solution

• IT Risk Mana