#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Compliance Framework | Breaking Cybersecurity News | The Hacker News

Category — Compliance Framework
DevOps Dilemma: How Can CISOs Regain Control in the Age of Speed?

DevOps Dilemma: How Can CISOs Regain Control in the Age of Speed?

May 24, 2024 DevSecOps / Vulnerability Management
Introduction The Colonial Pipeline ransomware attack (2021) and SolarWinds supply chain attack (2020) were pivotal moments in cybersecurity, starting a new challenge for Chief Information Security Officers ( CISOs ). These attacks highlighted the importance of collaboration between CISOs and DevOps teams to ensure proper cloud security configurations. In this article, we will outline the 6-step approach to fostering strong partnerships between CISOs, DevOps teams, IT management, and organizations that can help to drive innovation while maintaining a robust security posture. You will learn how a CISO can effectively communicate with IT leadership and what methods to try. Our narrative will emphasize the most crucial aspect of an organization's security - growing your strong security team and moving to a proactive approach.  Understanding such breaches, such as the Capital One data breach (2019), Epsilon data breach (2019), Magecart compromises (ongoing), and MongoDB breaches (2
(Cyber) Risk = Probability of Occurrence x Damage

(Cyber) Risk = Probability of Occurrence x Damage

May 15, 2024 Threat Detection / Cybersecurity
Here's How to Enhance Your Cyber Resilience with CVSS In late 2023, the Common Vulnerability Scoring System (CVSS) v4.0 was unveiled, succeeding the eight-year-old CVSS v3.0, with the aim to enhance vulnerability assessment for both industry and the public. This latest version introduces additional metrics like safety and automation to address criticism of lacking granularity while presenting a revised scoring system for a more comprehensive evaluation. It further emphasizes the importance of considering environmental and threat metrics alongside the base score to assess vulnerabilities accurately. Why Does It Matter? The primary purpose of the CVSS is to evaluate the risk associated with a vulnerability. Some vulnerabilities, particularly those found in network products, present a clear and significant risk as unauthenticated attackers can easily exploit them to gain remote control over affected systems. These vulnerabilities have frequently been exploited over the years, often ser
Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Sep 09, 2024SaaS Security / Risk Management
Designed to be more than a one-time assessment— Wing Security's SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it's free! Introducing SaaS Pulse: Free Continuous SaaS Risk Management  Just like waiting for a medical issue to become critical before seeing a doctor, organizations can't afford to overlook the constantly evolving risks in their SaaS ecosystems. New SaaS apps, shifting permissions, and emerging threats mean risks are always in motion. SaaS Pulse makes it easy to treat SaaS risk management as an ongoing practice, not just an occasional check-up. Security teams instantly get a real-time security "health" score, prioritized risks, contextualized threat insights, and the organization's app inventory—without setups or integrations. SaaS is a Moving Target SaaS stacks don't stand still. Business critical apps can easily slip into a state of vulnerability (i.e. supply chain attacks, account takeovers
Expert Insights / Articles Videos
Cybersecurity Resources