Third-party risk management (TPRM) is more important now than ever. The practice extends far beyond "checking the box" for compliance. And while compliance is a critical component, recent market turbulence has organizations prioritizing business continuity, financial due diligence, and business resilience. How can you...
Apple and Google have released new APIs designed to support contact-tracing apps being developed by governments to help combat the COVID-19 pandemic. Already at least three U.S. states and 22 countries have expressed interest in using the APIs to build their apps.
APIs are increasingly being used to power new customer facing applications, connect with partners and drive microservices environments, but they also constantly expose and exchange sensitive data, making them an increasing target for attackers.
As with all things security there is no silver bullet to protect you...
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.
APIs ubiquitous in the enterprise today, being exposed to customers, partners and applications. But because they are relied on so heavily, they also are targeted by cybercriminals.
There are more attacks over APIs than on traditional web channels primarily because it's simply easier to attack these...
The process of onboarding vendors has become complicated because of concerns about cybersecurity. To prevent data breaches caused by a third party vendor, security professionals demand that vendors demonstrate and maintain a strong cyber posture.
Effectively checking vendors' cyber posture can be extremely...
Ready for Office 365? Already deployed but running into problems? Either way, there are some secrets to deployment that can put you on the road to success. Even though these tips have been discussed-even by Microsoft-many companies discover deployment problems the hard way.
Download this document learn some of the...
The need for speed is at the heart of why business implement digital transformation strategies. Security professionals charged with protecting digital assets feel the pressure to keep up with the speed of business, but moving fast introduces challenges and uncertainties about where attacks/vulnerabilities are hiding...
To better understand the state of web application security, Radware commissioned a third annual global survey of senior executives, security researchers, application developers and IT professionals at companies with worldwide operations.
Download this survey report to better understand how the adoption of...
Over the last few years, cyber-attacks on Operational Technology (OT) have increased rapidly in frequency and scale. The cyber-threat to critical infrastructure and other key operational systems is now front and center of
national security concerns. There is a new frontline in cyber defense where protecting against...
It's time for a new approach to application security
While applications have moved to-cloud and users are accessing them from everywhere, the way enterprises provide secure access to apps has largely remained unchanged. Teams in the midst of a cloud transformation must ensure that their applications remain secure no...
Ready for Office 365? Already deployed but running into problems? Either way, there are some secrets to deployment that can put you on the road to success. Even though these tips have been discussed-even by Microsoft-many companies discover deployment problems the hard way.
Download this document learn some of the...
The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure.
If your organization does software development in-house, there are a myriad of development workflows and processes to choose from. Some organizations still implement old-school waterfall development workflows; some are agile shops. In terms of process, some have adopted DevOps, and some integrate security testing into...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing gdpr.inforisktoday.com, you agree to our use of cookies.
