#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News

Cyber Defense | Breaking Cybersecurity News | The Hacker News

Category — Cyber Defense
Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future

Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future

Nov 25, 2024
As I usually say: 'attackers are lazy'. In other words, they always follow the path of least resistance. As defenders catch up with their tactics, techniques, and procedures, the asymmetric gap between offensive and defensive capability shrinks, pushing attackers to shift their battlefield strategy, perpetuating a game that repeats over and over again. Take, for example, endpoint protection. For the last few years, endpoint protection, detection, and response have been the centerpiece of security strategies. As modern endpoint security products get better at anticipating threats based on AI-based engines, providing richer visibility and more contextual detection capabilities, attackers are pivoting away from them, looking for 'blind spots' in your architecture, leveraging vulnerabilities and misconfigurations in network devices, supply chains, and even firmware embedded deep within devices, areas where security visibility is limited. This trend is particularly significant due to the ...
How Does Threat Intelligence Apply to SaaS Security? And Why You Should Care

How Does Threat Intelligence Apply to SaaS Security? And Why You Should Care

Sept 16, 2024
In just a few clicks, any SaaS app can turn into a company's go-to system for collaboration, record keeping, CRM, workflow organization, marketing, human resource management, and more. These apps can also act as footholds from which threat actors can pivot into corporate environments and steal critical data.  The rapid adoption of SaaS apps is outpacing the implementation of necessary security measures. The rise in attacks—such as account takeovers and credential leaks—highlights this gap. On the users' end, the responsibilities include taking a security-first approach to account configuration i.e., continuously monitoring for access risks and emerging threats to their data. But with so many users, so many apps and so much data, it's easier said than done.  What leaves companies exposed to data breaches and leaks is the lack of clarity, context, and prompt action. Security teams must make a massive effort to research threats, filter the relevant ones, assess the impact of p...
Cybersecurity Resources