complementing and supporting various other business strategies and architectures such as cloud first, artificial intelligence, IIoT, big data, new products, new markets.);
As the rules were authorized in late 2023, we shared what we see as the implications for infosec leaders. Zero trust architecture: A zero trust security model operates on the principle that no user or device, whether inside or outside the organization's network, should be trusted by default.
Increasingly, I was writing about what I thought was a pretty fascinating segment of the infosec industry; password reuse across Gawker and Twitter resulting in a breach of the former sending Acai berry spam via the latter. accounts (59% of common email addresses had exactly the same password). And so Have I Been Pwned was born.
Mandiant said the attackers will continue to change their tactics and malware, “especially as network defenders continue to take action against this adversary and their activity is further exposed by the infosec community.”
Consider, if you will, that fundamentally we in infosec want people to make better decisions. However, when people are empowered to make their own decisions and are held accountable for the lasting impact, then and only then will they start adopting more of a caretaker mentality and start considering long-term impacts.
Our imaginary supermarket architecture consists of: A main supermarket store. Some items to consider: A bank issues you with an account number and asks for verification when you want to make a transaction, but this process can't take so long that it slows down other customers waiting in line. A 24-hour convenience store.
Additionally, there are sectoral privacy regulations in the United States, such as the Health Insurance Portability and Accountability Act (HIPAA), and state-level regulations like the California Consumer Privacy Act (CCPA). Traditionally, InfoSec lies within the IT organization, and Privacy is housed inside the Legal department.
Cybersecurity News) How to mitigate buffer overflow vulnerabilities (Infosec Institute) How to prevent buffer overflow attacks (TechTarget) VIDEOS What is a Buffer Overflow Attack? That's a key takeaway from Cybercrime: A Multifaceted National Security Threat, a report released this week by Google's Threat Intelligence Group.
Cloud Security is often implemented with dedicated secure access service edge (SASE) architectures, including cloud access security brokers (CASBs). Similarly, Coinbase’s improper API validation process enabled users to make unlimited cryptocurrency trades between accounts without being detected.
McAfee Unified Cloud is a framework for implementing a Secure Access Service Edge (SASE) architecture and a safe way to accelerate digital transformation with cloud services, enable cloud and internet access from any device, and allow ultimate workforce productivity.
When boiled down to its essence, InfoSec is all about risk mitigation, and risk is based on probability and impact. By integrating both Cisco and third-party technologies, Cisco SecureX ensures that it will fit in with the journey and vision for your security program. How can SecureX help you?
Economic effects, including inflationary pressures, have had a broad impact across the InfoSec landscape," Smeaton said. Reanna Schultz is a cybersecurity professional and frequent SecureWorld speaker whose day job is as Team Leader of InfoSec at Garmin. Does this tool integrate with our existing architecture (e.g., SIEM, SOAR)?
He referenced an insurer’s role in designing pressure relief valves for the steam engines powering Philadelphia in the 1800s: “They said if you wanted to have insurance, you have to have this piece of architecture on your system.” In so doing, “they drove security or solutions to avoid large insurance claims.”. billion in premium.
We need to define and disambiguate this term before attempting to determine whether we’ve accounted for the associated threats when designing security programs. There is an increasingly-acute need for infosec designs that account for attacks that incorporate unknown, previously-unseen components. Avoid Zero-Day Confusion.
First and foremost, your security program must account for basic security hygiene, which creates the basis for arguing legal defensibility; which is to say, if you're not doing the basics, then your program can be construed as insufficient, exposing your organization to legal liability (a growing concern). Behavioral InfoSec.
Cloud Solution Architect: While not purely cybersecurity, this role is heavily focused on cloud security in addition to architecture. If the morning paper had a misplaced character, it was noticed and you were held accountable, most likely, but the paper didn't shut down, didn't lose money or go out of business," Staynings continued. "If
Many analysts think of this tech as a subdomain of Zero Trust architecture – the initial but not the only building block of the whole concept. Is it possible to build an architecture in which the same rules apply to all users, or is the emergence of privileged accounts inevitable? Context sources for ZTNA.
The customer is apparently seeking guidance on integrating infosec into the development process, which begs the question "Which development process?". Prompted by some valuable customer feedback earlier this week, I've been thinking about how best to update the SecAware policy template on software/systems development.
Visit Cycognito Pricing Through its SaaS architecture, CyCognito provides tiered pricing for security testing, intelligence, and premium support. Yes, ASM software is designed to integrate effectively with other security solutions, thus improving the overall security architecture. How Frequently Should ASM Scans Be Performed?
Not using easy to decrypt passwords or the same password for multiple accounts. Security consultants identify exploitable flaws in the security architecture, detective controls, and preventative controls to help build strategies that effectively secure and protect the environment from malicious actors. Taking a Reactive Approach.
ISO/IEC 27000 defines risk owner as a "person or entity with the accountability and authority to manage a risk" - one of the precious few ISO27k mentions of accountability; and Expected residual risk after the implementation of actions. The expansive German infosec standard IT-Grundschutz talks of the RTP in terms of a project plan.
I have in mind consultancy, advisory and other specialist services such as: Building and construction services e.g. architecture, surveying; Business services e.g. marketing and sales, strategy and management consulting, auditing, quality consulting; Engineering services e.g. electrical and electronic design, materials science, measurement and calibration; (..)
Commerce is now advancing at a speed that makes it extremely difficult for infosec professionals to keep up. It's a planning process of defining roles and endpoints, tactically rolling out tools and processes, and building the architecture to maintain and improve moving forward. Authenticate their identity. To Your Success.
Professional services other than the provision of IT/networks/cloud: many organisations rely on third parties for strategic, legal, accounting, HR, marketing and/or other specialist services (advice or full outsourcing), hence they are giving, receiving and using very valuable and sensitive information.
A Zero Trust architecture should be at the center of every security strategy. Zero Trust assumes there is no implicit trust granted to assets, user accounts, microservices, or data based solely on their location. Here, we share 4 ways CIOs can effectively protect their company data against the rising tide of ransomware.
Security Posture suggests a confusing mix of application and account security metrics. I'm really not sure what 'security posture' even means in this context, and curious as to why those two aspects in particular have been selected as example metrics.
An organization's users must have trust in both the domain and the fidelity of its architecture. Whenever a user interactively authenticates to a domain controller, the account's credential material is cached into the memory of the LSASS.exe process. Adversaries constantly seek ways to access and maintain presence in your domain.
We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. In a cloud application and mobile world, organizations can’t rely on traditional perimeter security architecture to secure access to applications.
End users should be trained not to use easy to decrypt passwords and/or the same password for multiple accounts. This makes simple but essential information security protocols like proper monitoring, network segmentation, and working toward a zero-trust architecture challenging. Use Best Password Practices.
This vulnerability affects all types of API architectures, including SOAP, REST, and GraphQL. If this vulnerability were to happen on an online shopping site, attackers might be able to harvest millions of bank accounts, credit card numbers, and addresses. Let’s look at an example! How can I prevent broken object-level authorization?
We’ve all been there-- locked out of some account because we can’t remember the clever password we used. Vamosi: For this episode I also want to weigh in on a very controversial topic within infosec today. Vamosi: There’s this saying in infosec about never rolling your own encryption. And you’re right.
I’m Robert Vamosi and in this episode I’m talking about online criminal investigations conducted by someone who is inside the infosec community, and how your social media posts -- no matter how good you think you are about hiding -- can reveal a lot about your true identity. Daniel, he keeps a low profile. CLEMENS: I do.
If there's one thing that the entire cybersecurity industry is agreed about (other than hating the term cybersecurity, preferring "infosec" instead) is that you need this vulnerability disclosure program. You'll do threat modeling, then create an architecture and design, and so on. This is fiction. They then patch the code.
Ricardo Villadiego, founder & CEO of Lumu, expects "a significant shift towards adopting models based on passwordless architectures like Google Passkeys as the dominant authentication method to combat phishing and scam campaigns." It's no secret that the SEC is now holding CISOs accountable for the risks organizations take on.
Vamosi: I realized this isn't the typical InfoSec opening for The Hacker Mind but it is an important backstory for this episode's guest. Vamosi: maturity accounts for some of that. You could see the plane come in just for the right hand side of the screen. We can do that for them and provide that service anywhere, anytime.
Defining “storytelling” in an InfoSec context Inspiration - We the People: Democratizing Security “Storytelling” is a word that you will hear frequently within Duo’s creative team — now part of a Brand & Strategy unit for Cisco’s rebranded security organization Cisco Secure. But where to begin?