Threat and Vulnerability Management

Threat and Vulnerability Management | News, how-tos, features, reviews, and videos

A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]
News Analysis

LiveAction adds new SOC-focused features to ThreatEye NDR platform

eliminate insider threats 1
Feature

Recent cases highlight need for insider threat awareness and action

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.
News

One in 10 employees leaks sensitive company data every 6 months: report

Departing employees are most likely to leak sensitive information to competitors, criminals or the media in exchange for cash.

cyber security concept hooded hacker
News

Hands-on cyberattacks jump 50%, CrowdStrike reports

Malicious hackers hone their tradecraft, reducing the time it takes to move from an initial compromised host machines to other components in enterprise networks, CrowdStrike says.

Cyber warfare > Russian missile launcher / Russian flag / binary code
Feature

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.

News

Top cybersecurity products unveiled at Black Hat 2022

Here are some of the most interesting new products launched at Black Hat USA 2022, including zero trust, extended detection and response (XDR), and a host of other threat and vulnerability management offerings.

Security system alert, warning of a cyberattack.
News

CrowdStrike adds AI-powered indicators of attack to Falcon platform

The new feature leverages millions of examples of malicious activity to more accurately identify signs of an attack.

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.
News

Palo Alto debuts Unit 42 team for managed detection and response

Live expert service builds on Palo Alto’s Cortex extended detection and response (XDR) platform provide, offering a managed detection and response (MDR) team for more personalized cybersecurity management and incident response.

Microsoft logo
News

Microsoft boosts threat intelligence with new Defender programs

Drawing from its acquisition of RiskIQ, Microsoft is releasing Defender External Attack Surface Management and Defender Threat Intelligence.

Red team > Double-exposure with team, cityscape + abstract data / teamwork / collaboration
Feature

11 stakeholder strategies for red team success

These best practices will help ensure a successful red team exercise by getting all the stakeholders on the same page.

22 dg 040 watch out 2022 top global cloud threats
News

CrowdStrike enhances container visibility and threat hunting capabilities

The cloud-native security provider wants to help customers gain visibility into all of their containers, as well as uncover a growing array of threats across multicloud environments.

detection radar computer bug threats identify breach by the lightwriter kao studio getty
News

Deloitte expands its managed XDR platform

New additions beef up intelligence gathering, threat hunting, and mobile device security.

eye binary IDS Intrusion Detection System
News

Orca adds detection and response capabilities to its agentless cloud security solution

New feature gives users full visibility into cloud environments to thwart workload and non-workload attacks.

Microsoft > Excel [Office 365]
How-To

How to manage Microsoft's Excel and Office macro blocking

Microsoft's reversal of its blocking by default on Excel macros creates an opportunity to improve policies and processes around Excel and Office macro use.

A human face emerges from an abstract virtual landscape of metallic cylinders.
News

Darktrace launches new PREVENT AI security products to pre-empt cyberthreats

Darktrace claims its AI-driven portfolio works together autonomously to optimize an organization’s security through a continuous feedback loop.

A broken link in a digital chaing / weakness / vulnerability
News

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies.

CSO > danger / security threat / malware / grenade-shaped flash drive
Opinion

How you handle independent contractors may determine your insider threat risk

Outside experts can be willing or accidental security threats. Reduce that risk by changing how you onboard, train and offboard them.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa
Feature

Why more zero-day vulnerabilities are being found in the wild

With the number of zero-days spiking in the last 18 months, organizations need to increase their patching efforts. Software vendors can be more transparent, too.

Cyber warfare > Russian missile launcher / Russian flag / binary code
News Analysis

Microsoft's Defending Ukraine report offers fresh details on digital conflict and disinformation

Russia will use what it learned from its destructive cyber actions in Ukraine for other operations. "There is no going back to normal."

Insider threats > Employees suspiciously peering over cubicle walls
Opinion

MITRE's Inside-R Protect goes deep into the behavior side of insider threats

The new Inside-R program looks to collect historical insider threat data to more deeply analyze behaviors that signal risk.

Load More