#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Zero Trust Security | Breaking Cybersecurity News | The Hacker News

Category — Zero Trust Security
Passwordless AND Keyless: The Future of (Privileged) Access Management

Passwordless AND Keyless: The Future of (Privileged) Access Management

Sep 20, 2024 Privileged Access Management
In IT environments, some secrets are managed well and some fly under the radar. Here's a quick checklist of what kinds of secrets companies typically manage, including one type they should manage: Passwords [x] TLS certificates [x] Accounts [x] SSH keys ??? The secrets listed above are typically secured with privileged access management (PAM) solutions or similar. Yet, most traditional PAM vendors hardly talk about SSH key management. The reason is simple: they don't have the technology to do it properly.  We can prove it. All our SSH key management customers have had a traditional PAM deployed, but they realized that they couldn't manage SSH keys with it. At best, traditional PAMs can discover, let alone manage, 20% of all keys. So, what's the fuss about SSH keys? SSH keys are access credentials in the Secure Shell (SSH) protocol. In many ways, they're just like passwords but functionally different. On top of that, keys tend to outnumber passwords, especially in long-standi
Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface

Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface

Jan 08, 2024 Cyber Security / Zero Trust
Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particularly firewalls and VPNs, which give attackers direct network access to execute their attacks. In fact,  Gartner  identified attack surface expansion as a major trend to watch. So, it is not surprising that External Attack Surface Management (EASM) is a growing priority for organizations. But traditional castle-and-moat-based security architectures are ineffective at protecting enterprises against today's sophisticated attacks, which increasingly leverage AI and as-a-service models to maximize speed and damage. Zero trust security is the best way to minimize the attack surface, prevent compromise, eliminate lateral movement, and stop data loss. Register here  and join Apoorva Ravikrishnan, Senior Manager of P
How to Investigate ChatGPT activity in Google Workspace

How to Investigate ChatGPT activity in Google Workspace

Sep 17, 2024GenAI Security / SaaS Security
When you connect your organization's Google Drive account to ChatGPT, you grant ChatGPT extensive permissions for not only your personal files, but resources across your entire shared drive. As you might imagine, this introduces an array of cybersecurity challenges. This post outlines how to see ChatGPT activity natively in the Google Workspace admin console, and how Nudge Security can provide full visibility into all genAI integrations. Since launching ChatGPT in 2022, OpenAI has defied expectations with a steady stream of product announcements and enhancements. One such announcement came on May 16, 2024, and for most consumers, it probably felt innocuous. Titled  "Improvements to data analysis in ChatGPT," the post outlines how users can add files directly from Google Drive and Microsoft OneDrive. It's worth mentioning that other genAI tools like Google AI Studio and Claude Enterprise have also added similar capabilities recently. Pretty great, right? Maybe.‍ When you connec
Expert Insights / Articles Videos
Cybersecurity Resources