First aid kit > help / fix / patch / remedy / recovery

12 steps to building a top-notch vulnerability management program

Security experts share their best advice for the essential ingredients of a solid vulnerability management program, including foundational elements to put in place, workflows to establish, who to involve, and metrics to track.

Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

The US federal cybersecurity bureaucracy: A guide

A high-level look at the national offices and organizations involved in protecting the US from cyber threats.


Intel bets big on security as a service for confidential computing

At its inaugural Vision event, Intel launched a security as a service initiative called Project Amber for confidential computing in the cloud, and outlined its support for secure and responsible AI and quantum-resistant cryptography....


Security system alert: 'DANGER'

Five Eyes nations warn MSPs of stepped-up cybersecurity threats

The warning likely comes in response to an increase in attacks on managed service providers, through which threat actors can access their clients.

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

president joe biden image

A year later, Biden’s cybersecurity executive order driving positive change

Notable experts say the cybersecurity executive order has improved the nation's security posture, but more work is to be done.

Jamil Farshchi, CISO, Equifax

Equifax’s Jamil Farshchi: Security shouldn’t be a trade secret

Farshchi joined the credit reporting agency in 2018 with a mandate for change following the company’s high-profile data breach. Today, he’s calling for greater transparency and collaboration in the security community, with Equifax...

20151027 red hat logo

Red Hat debuts edge features for Linux, Kubernetes platform security

At its annual Summit event, Red Hat is rolling out new edge-computing features for the company’s well-known enterprise Linux distribution, and security features for its Advanced Cluster Security for Kubernetes platform.

binary code, magnifying lens, skull and crossbones

Threat hunters expose novel IceApple attack framework

Suspected state-sponsored threat actor uses IceApple to target technology, academic and government sectors with deceptive software.

An anonymous hooded figure is surrounded by an abstract network of avatars.

ForgeRock offers AI-based solution for identity-based cyberattacks

ForgeRock Autonomous Access is designed to eliminate account takeovers and prevent fraud in real-time, using a combination of AI and advanced pattern recognition.


backdoor / abstract security circuits, locks and data blocks

Stealthy Linux implant BPFdoor compromised organizations globally for years

The China-linked backdoor takes advantage of the Berkeley Packet Filter on Unix systems to hide its presence.

trojan horse malware virus binary by v graphix getty

New RAT malware uses sophisticated evasion techniques, leverages COVID-19 messaging

Nerbian RAT malware uses significant anti-analysis and anti-reversing capabilities along with multiple open-source Go libraries to conduct malicious activity.

programmer certification skills code devops glasses student by kevin unsplash

Progress launches Chef Cloud Security to extend DevSecOps to cloud-native assets

The software provider has also enhanced its underlying security and compliance mechanism Chef InSpec with new features.

ransomware attack

What your cyber insurance application form can tell you about ransomware readiness

The annual cyber insurance application form shows what the carriers think you should be doing to best prevent and recover from ransomware attacks. Pay attention.

Application security  >  Software code + data protected with a lock

7 top software supply chain security tools

These tools will help identify vulnerabilities and threats posed by third-party code through software composition analysis and SBOM creation.