Threat and Vulnerability Management
Threat and Vulnerability Management | News, how-tos, features, reviews, and videos
Attributes of a mature cyber-threat intelligence program
Mature cyber-threat intelligence programs follow a lifecycle and provide tactical, operational, and strategic value. Many enterprise organizations aren't even close.
Insider threats surge across US CNI as attackers exploit human factors
Economic pressures and remote working could be increasing critical national infrastructure insider threats while nation-state actors and ransomware attacks continue to pose significant risks.
Nozomi Networks announces Vantage IQ to address security gaps in critical infrastructure
Vantage IQ is built to enhance threat detection and remediation with AI-assisted data analysis to help security teams reduce cyber risks across IT, OT, and IoT devices.
How Northfield Hospital uses AI to minimize risk from cyberattacks
The rural community hospital has turned to AI-enabled protection to have full visibility of its network and understand the threat landscape.
Patch manager Action1 to add vulnerability discovery, prioritization
Upcoming features will add new vulnerability management capabilities to the Action1 patching engine for risk-based patch prioritization. S
11 security tools all remote employees should have
Compromised employee personal devices and accounts can disrupt and possibly threaten business security. Getting these tools into their hands will help.
Is misinformation the newest malware?
Experts say that cybersecurity skills and a whole-of-organization approach can go a long way to tackling misinformation threats.
5 ways threat actors can use ChatGPT to enhance attacks
New research details how attackers can use AI-driven systems like ChatGPT in different aspects of cyberattacks including reconnaissance, phishing, and developing polymorphic code.
5 most dangerous new attack techniques
Adversarial AI, ChatGPT-powered social engineering, and paid advertising attacks are among the most dangerous emerging attack methods, according to SANS Institute analysts.
AI-powered chatbots: the threats to national security are only beginning
As ChatGPT burst on the scene, it became quickly apparent that it holds as many threats as it does wonders. Nation-states around the world are beginning to grapple with the dangers posed by chatbots even as they worry about what comes...
Flashpoint releases Ignite platform with threat intelligence reports, rule-based alerts
New solution taps into dark web, open-source, vulnerability, and threat actor intelligence to deliver risk mitigation and prevention across private and public sector security teams.
OT giants collaborate on ETHOS early threat and attack warning system
Top industrial cybersecurity competitors establish ETHOS, an early warning system that could help spot and avert damaging attacks on operational technology.
The strong link between cyber threat intelligence and digital risk protection
Digital transformation initiatives and hybrid IT increases risk and drives the need for digital risk protection. Threat intelligence programs must accommodate this requirement.
Cyber insurer launches InsurSec solution to help SMBs improve security, risk management
At-Bay Stance aims to address security gaps by centralizing and prioritizing risks, providing support to mitigate and respond to threats in conjunction with cyber insurance coverage.
Lacework adds vulnerability risk management to its flagship offering
Lacework’s risk-based vulnerability management provides customers with contextual scoring to help prioritize patches.
Businesses detect cyberattacks faster despite increasingly sophisticated adversaries
Detection times and ransomware attacks are down but adversaries remain sophisticated, adaptable, persistent, and creative.
Mandiant’s new solution allows exposure hunting for a proactive defense
Mandiant Proactive Exposure Management combines a suite of capabilities to effect exposure hunting, threat correlation, penetration testing, and real-time intrusion defense.
Dissecting threat intelligence lifecycle problems
Following a threat intelligence lifecycle is a best practice, but many organizations have process bottlenecks that impact their entire program.