
Commentary

When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients?
Transitive dependencies can complicate the process of developing software bills of materials.
July 01, 2022
by Donald Fischer, CEO and Co-Founder, Tidelift
3 min read
Article
Zero-Days Aren't Going Away Anytime Soon & What Leaders Need to Know
There were a record number of zero-day attacks last year, but some basic cyber-hygiene strategies can help keep your organization more safe.
June 30, 2022
by Dan Schiappa, Chief Product Officer, Arctic Wolf
4 min read
Article
How to Master the Kill Chain Before Your Attackers Do
In the always-changing world of cyberattacks, preparedness is key.
June 29, 2022
by J.R. Cunningham, Chief Security Officer, Nuspire
5 min read
Article
Shifting the Cybersecurity Paradigm From Severity-Focused to Risk-Centric
Embrace cyber-risk modeling and ask security teams to pinpoint the risks that matter and prioritize remediation efforts.
June 29, 2022
by Ran Abramson, Threat Intelligence Analyst, Skybox Security
4 min read
Article
A WAF Is Not a Free Lunch: Teaching the Shift-Left Security Mindset
Developers need to think like WAF operators for security. Start with secure coding and think of Web application firewalls not as a prophylactic but as part of the secure coding test process.
June 28, 2022
by Yaniv Sazman, Lead Product Manager, F5 NGINX and OSS Security, F5 Networks
5 min read
Article
How to Find New Attack Primitives in Microsoft Azure
Abuse primitives have a longer shelf life than bugs and zero-days and are cheaper to maintain. They're also much harder for defenders to detect and block.
June 28, 2022
by Andy Robbins, Technical Architect, SpecterOps
5 min read
Article
It's a Race to Secure the Software Supply Chain — Have You Already Stumbled?
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
June 27, 2022
by Kayla Underkoffler, Senior Security Technologist, HackerOne
5 min read
Article
7 Steps to Stronger SaaS Security
Continuous monitoring is key to keeping up with software-as-a-service changes, but that's not all you'll need to get better visibility into your SaaS security.
June 24, 2022
by John Whelan, Senior Director of Product Management, AppOmni
4 min read
Article
The Rise, Fall, and Rebirth of the Presumption of Compromise
The concept might make us sharp and realistic, but it's not enough on its own.
June 23, 2022
by Oleg Brodt, R&D Director of Deutsche Telekom Innovation Labs, Israel, and Chief Innovation Officer for [email protected] University
4 min read
Article
How APTs Are Achieving Persistence Through IoT, OT, and Network Devices
To prevent these attacks, businesses must have complete visibility into, and access and management over, disparate devices.
June 23, 2022
by Brian Contos, Chief Security Officer, Phosphorus Cybersecurity
5 min read
Article
Getting a Better Handle on Identity Management in the Cloud
Treat identity management as a first-priority problem, not something to figure out later while you get your business up and running in the cloud.
June 22, 2022
by Matt Quirion, Director of Design and Engineering, Kion
5 min read
Article
GitHub's MFA Plans Should Spur Rest of Industry to Raise the Bar
We as industry leaders should be building on what individual platforms like GitHub are doing in two critical ways: demanding third parties improve security and creating more interoperable architectures.
June 22, 2022
by Chris Niggel, Regional CSO, Americas, Okta
5 min read
Article
Why Financial Institutions Must Double Down on Open Source Investments
Open source is here to stay, and it's imperative that CIOs have a mature, open source engagement strategy, across consumption, contribution, and funding as a pillar of digital transformation.
June 21, 2022
by Gabriele Columbro, Executive Director, FINOS
4 min read
Article
AI Is Not a Security Silver Bullet
AI can help companies more effectively identify and respond to threats, as well as harden applications.
June 21, 2022
by Mark Lambert, Vice President of Product, Armorcode
4 min read
Article
Name That Toon: Cuter Than a June Bug
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
June 20, 2022
by John Klossner, Cartoonist
1 min read
Article