#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Automation | Breaking Cybersecurity News | The Hacker News

Category — Automation
A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

Oct 29, 2024 Vulnerability / Threat Intelligence
Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: "When you have eliminated the impossible, whatever remains, however improbable, must be the truth." Rather than following every lead, Holmes focuses on the details that are needed to move him to the solution. In cybersecurity, exposure validation mirrors Holmes' approach: Security teams are usually presented with an overwhelming list of vulnerabilities, yet not every vulnerability presents a real threat. Just as Holmes discards irrelevant clues, security teams must eliminate exposures that are unlikely to be exploited or do not pose significant risks. Exposure validation (sometimes called Adversarial Exposure Validation) enables teams to concentrate on the most significant issues and minimize distractions. Similar to Holmes' deductive reasoning, validation of exposures directs organizations towa
Why Pay A Pentester?

Why Pay A Pentester?

Sep 18, 2024 Penetration Testing / Automation
The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the grandmaster Garry Kasparov in 1997, only to be stunned when the machine claimed victory. Fast forward to today, would we have imagined just three years ago that a chatbot could write essays, handle customer support calls, and even craft commercial artwork? We continue to be amazed by what software can achieve—tasks we once thought were strictly human domains. Such is the surprise unfolding in the sphere of cybersecurity testing. Hold tight! Demystifying Penetration Testing If someone had told me 10 years ago that computer software could one day perform the work of an ethical hacker, I would have said 'No way, Jose'. Penetration testing—PT for short—is when experts mimic hackers to test a company's defenses. It's a critical practice, mandated by major regulatory bodies like PCI DSS, HIPAA, and DORA to ensure network safety. Yet, despite
Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

Oct 28, 2024Operational Technology / Cybersecurity
Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly automated. Diagnostics, maintenance, upgrade and adjustments to these critical systems are done remotely, often by third-party vendor technicians. This highlights the importance of proper secure remote access management for industrial control systems (ICS).  Learn more in our Buyer's Guide for Secure Remote Access Lifecycle Management .  We at SSH Communications Security (SSH) have been pioneering security solutions that bridge the gap between IT and OT in privileged access management . Let's investigate how we helped two customers solve their critical access control needs with us. Secure Remote Access Around the Globe to 1000s of Ships  In the maritime industry, ensuring secure and e
How a Trust Center Solves Your Security Questionnaire Problem

How a Trust Center Solves Your Security Questionnaire Problem

Jul 24, 2024 Cybersecurity / Enterprise Security
Security questionnaires aren't just an inconvenience — they're a recurring problem for security and sales teams. They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn't a lack of great questionnaire products — it's the questionnaires themselves. At SafeBase, we don't just talk about transparency — it's core to everything we do, from how we build our products to how we communicate about them. In the spirit of transparency, in this piece we're going to talk about our Trust Center platform at length:  Why we're believers in Trust Centers > security questionnaires How a Trust Center reduces and eliminates questionnaires How to demonstrate the ROI of investing in a Trust Center Let's dive in. Why a trust center first approach helps Solving the questionnaire problem means going beyond the questionnaire with a
cyber security

AWS EKS Security Best Practices [Cheat Sheet]

websiteWiz.ioCloud Security / Kubernetes
Unlock this one-stop resource for mastering EKS security best practices and safeguarding your cloud-native applications.
How to Set up an Automated SMS Analysis Service with AI in Tines

How to Set up an Automated SMS Analysis Service with AI in Tines

Jul 22, 2024 Threat Detection / Employee Security
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization's security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features , and security teams have already started sharing the AI-enhanced workflows they've built using the platform.  Tines' library of pre-built workflows includes AI-enhanced pre-built workflows for normalizing alerts, creating cases, and determining which phishing emails require escalations.  Let's take a closer look at their SMS analysis workflow, which, like all of their pre-built workflows, is free to access and import, and can be used with a free Community Edition account.  Here, we'll share an overview of the workflow, and a step-by-step guide for getting it up and running. The problem - SMS scam messages targeted at employees
Expert Insights / Articles Videos
Cybersecurity Resources