#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

SOC 2 | Breaking Cybersecurity News | The Hacker News

Category — SOC 2
The Importance of Managing Your Data Security Posture

The Importance of Managing Your Data Security Posture

Jun 02, 2023 Data Security / Attack Surface
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it?  Data security posture management  (DSPM) became mainstream following the publication of Gartner® Cool Vendors™ in Data Security—Secure and Accelerate Advanced Use Cases. In that  report , Gartner1 seems to have kicked off the popular use of the data security posture management term and massive investment in this space by every VC. Since that report, Gartner has identified at least 16 DSPM vendors, including Symmetry Systems. What is Data Security Posture? There certainly is a lot being marketed and published about data security posture management solutions themselves, but we first wanted to dig into what is data security posture?  Symmetry Systems define...
Why Vulnerability Scanning is Critical for SOC 2

Why Vulnerability Scanning is Critical for SOC 2

Sep 12, 2022
SOC 2 may be a voluntary standard, but for today's security-conscious business, it's a minimal requirement when considering a SaaS provider. Compliance can be a long and complicated process, but a scanner like  Intruder  makes it easy to tick the vulnerability management box. Security is critical for all organisations, including those that outsource key business operations to third parties like SaaS vendors and cloud providers. Rightfully so, since mishandled data – especially by application and network security providers – can leave organisations vulnerable to attacks, such as data theft, extortion and malware. But how secure are the third parties you've entrusted with your data? SOC 2 is a framework that ensures these service providers securely manage data to protect their customers and clients. For security-conscious businesses – and security should be a priority for every business today – SOC 2 is now a minimal requirement when considering a SaaS provider. What SOC ...
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Jan 06, 2025SaaS Security / Threat Detection
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID)—a 75% increase from last year—and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024 ). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout players, unexpected underdogs, and relentless scorers leaving their mark on the SaaS security playing field.  As we enter 2025, security teams must prioritize SaaS security risk assessments to uncover vulnerabilities, adopt SSPM tools for continuous monitoring, and proactively defend their systems. Here are the Cyber Threat All-Stars to watch out for—the MVPs, rising stars, and master strategists who shaped the game. 1. ShinyHunters: The Most Valuable Player Playstyle: Precision Shots (Cybercriminal Organization) Biggest Wins: Snowflake, Ticketmaster and Authy Notable Drama: Exploited on...
Getting Your SOC 2 Compliance as a SaaS Company

Getting Your SOC 2 Compliance as a SaaS Company

Feb 17, 2022
If you haven't heard of the  term , you will soon enough. SOC 2, meaning System and Organization Controls 2 , is an auditing procedure developed by the American Institute of CPAs (AICPA). Having SOC 2 compliance means you have implemented organizational controls and practices that provide assurance for the safeguarding and security of client data. In other words, you have to show (e.g., document and demonstrate) that you are acting in good faith with other people's information. In its simplest definition, it's a report card from an auditor.  At Rewind, before SOC 2, we had some processes in place, such as change management procedures for when emergency fixes need to be released to production quickly. But after beginning our SOC 2 journey we realized that we did not have a great way to track the reasoning behind a required emergency change, and this was required for our SOC 2 audit. So we worked with our auditor to set up a continuous auditing system for these requests, p...
cyber security

Advance Your Cybersecurity Career at SANS Security East Baltimore 2025

websiteSANS SecurityCybersecurity Training
Choose from 25+ cutting-edge courses & train in-person to unlock $999. Elevate your skills now!
Expert Insights / Articles Videos
Cybersecurity Resources