#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
DevSecOps

Continuous Monitoring | Breaking Cybersecurity News | The Hacker News

Category — Continuous Monitoring
Navigating the Future: Key IT Vulnerability Management Trends 

Navigating the Future: Key IT Vulnerability Management Trends 

Feb 05, 2025 Vulnerability / Threat Detection
As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws. Staying informed on these trends can help MSPs and IT teams remain one step ahead of potential cyber-risks. The Kaseya Cybersecurity Survey Report 2024 navigates this new frontier of cyber challenges. The data is clear: Organizations are becoming increasingly reliant on vulnerability assessments and plan to prioritize these investments in 2025. Companies are increasing the frequency of vulnerability assessments  In 2024, 24% of respondents said they conduct vulnerability assessments more than four times per year, up from 15% in 2023. This shift highlights a growing recognition of the need for continuous monitoring and quick response to emerging t...
Embarking on a Compliance Journey? Here’s How Intruder Can Help

Embarking on a Compliance Journey? Here's How Intruder Can Help

Oct 30, 2024 Vulnerability / Compliance
Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting. Luckily, Intruder simplifies the process by helping you address the key vulnerability management criteria these frameworks demand, making your compliance journey much smoother. Read on to understand how to meet the requirements of each framework to keep your customer data safe. How Intruder supports your compliance goals Intruder's continuous vulnerability scanning and automated reporting help you meet the security requirements of multiple frameworks, including SOC 2, ISO 27001, HIPAA, Cyber Essentials, and GDPR. Here are three core ways Intruder can support you: 1. Making vulnerability management easy Security can be complicated, but your tools shouldn't be. Intruder's always-on platform brings together multiple powerful scanning engines, delivering comprehensive protection that goes beyond traditional vulnerability management. Covering application, cloud, internal, and netwo...
Watch Out For These 8 Cloud Security Shifts in 2025

Watch Out For These 8 Cloud Security Shifts in 2025

Feb 04, 2025Threat Detection / Cloud Security
As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are other developments that could impact your organizations and drive the need for an even more robust security strategy. Let's take a look… #1: Increased Threat Landscape Encourages Market Consolidation Cyberattacks targeting cloud environments are becoming more sophisticated, emphasizing the need for security solutions that go beyond detection. Organizations will need proactive defense mechanisms to prevent risks from reaching production. Because of this need, the market will favor vendors offering comprehensive, end-to-end security platforms that streamline risk mitigation and enhance operational efficiency. #2: Cloud Security Unifies with SOC Priorities Security operations centers (SOC) and cloud security functions are c...
Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks

Think You're Secure? 49% of Enterprises Underestimate SaaS Risks

Oct 23, 2024 SaaS Security / Cloud Security
It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it's no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security within their cybersecurity teams. These statistics not only highlight a critical security blind spot, they also point to the fact that organizational culture is often overlooked as a driving factor behind these risks. As SaaS environments become more decentralized, the lack of clarity around roles and responsibilities is leaving companies exposed.  Most security teams focus solely on technical matters, often overlooking how their company's culture—its everyday practices, attitudes, and default policy enforcement processes—shapes their organization's security posture. Overconfidence, unclear responsibilities, and a lack of continuous monitoring can lead to SaaS security breaches. Let's exami...
cyber security

Webinar: 5 Ways New AI Agents Can Automate Identity Attacks | Register Now

websitePush SecurityAI Agents / Identity Security
Watch how Computer-Using Agents can be used by attackers to automate account takeover and exploitation.
Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Sep 09, 2024 SaaS Security / Risk Management
Designed to be more than a one-time assessment— Wing Security's SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it's free! Introducing SaaS Pulse: Free Continuous SaaS Risk Management  Just like waiting for a medical issue to become critical before seeing a doctor, organizations can't afford to overlook the constantly evolving risks in their SaaS ecosystems. New SaaS apps, shifting permissions, and emerging threats mean risks are always in motion. SaaS Pulse makes it easy to treat SaaS risk management as an ongoing practice, not just an occasional check-up. Security teams instantly get a real-time security "health" score, prioritized risks, contextualized threat insights, and the organization's app inventory—without setups or integrations. SaaS is a Moving Target SaaS stacks don't stand still. Business critical apps can easily slip into a state of vulnerability (i.e. supply chain attacks, account takeo...
NIST Cybersecurity Framework (CSF) and CTEM – Better Together

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

Sep 05, 2024 Threat Detection / Vulnerability Management
It's been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally tailored for Critical infrastructure, 2018's version 1.1 was designed for any organization looking to address cybersecurity risk management.  CSF is a valuable tool for organizations looking to evaluate and enhance their security posture. The framework helps security stakeholders understand and assess their current security measures, organize and prioritize actions to manage risks, and improve communication within and outside organizations using a common language. It's a comprehensive collection of guidelines, best practices, and recommendations, divided into five core functions: Identify, Pr...
Focus on What Matters Most: Exposure Management and Your Attack Surface

Focus on What Matters Most: Exposure Management and Your Attack Surface

Aug 23, 2024 Attack Surface Management
Read the full article for key points from Intruder's VP of Product, Andy Hornegold's recent talk on exposure management. If you'd like to hear Andy's insights first-hand,  watch Intruder's on-demand webinar . To learn more about reducing your attack surface , reach out to their team today.   Attack surface management vs exposure management Attack surface management (ASM) is the ongoing process of discovering and identifying assets that can be seen by an attacker on the internet, showing where security gaps exist, where they can be used to perform an attack, and where defenses are strong enough to repel an attack. If there's something on the internet that can be exploited by an attacker, it typically falls under the realm of attack surface management. Exposure management takes this a step further to include data assets, user identities, and cloud account configuration. It can be summarized as the set of processes that allow organizations to continually and consistently eval...
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

Apr 29, 2024 Exposure Management / Attack Surface
It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Mana...
How to Keep Your Business Running in a Contested Environment

How to Keep Your Business Running in a Contested Environment

Oct 27, 2023 Threat Detection / Vulnerability Management
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies your operational technology and critical systems. This places them at the forefront of cybercriminal interest, as they seek to exploit vulnerabilities, compromise your data, and demand ransoms. In today's landscape, characterized by the ever-present risk of ransomware attacks and the challenges posed by fragmented security solutions, safeguarding your organization is paramount. This is where  The National Institute of Standards and Technology (NIST) advocates  for the development of resilient, reliable security systems capable of foreseeing, enduring, and rebounding from cyberattacks.  In this guide, we'll explore strategies to fortify your defenses against cyber threats and ensur...
Expert Insights / Articles Videos
Cybersecurity Resources