Identity, observability, log management and cloud security have been CrowdStrike's biggest areas of investment during 2022, says CTO Michael Sentonas. The company protects against the abuse of identities through a stand-alone capability embedded on the Falcon sensor.
Infoblox has invested in shifting left in the cybersecurity kill chain with on-premises, cloud and hybrid versions of its BloxOne Threat Defense tools, which help security practitioners find and identify threats earlier and mitigate risks, says President and CEO Jesper Andersen.
Marketers rely on events to create brand awareness and generate demand, and physical events are coming back after the COVID-19 pandemic, says Gily Netzer of Perimeter 81. But "not everybody is traveling," she says, so hybrid events - and SaaS-driven corporate networks - are the future for companies.
Companies continue to struggle with prioritizing which vulnerabilities present the greatest risk to the business and need to be remediated first since vulnerability scoring is too often based on a static set of what could happen if an issue is exploited, says Qualys President and CEO Sumedh Thakar.
SIEM can play a key role in aggregating log data for compliance or auditing purposes, but when it comes to identifying threat activity in an IT environment, nothing beats XDR, which excels at using advanced techniques to pinpoint threats in high volumes of data, says Secureworks' Ryan Alban.
Hybrid war includes cyberattacks, critical infrastructure attacks and efforts to get information. Victoria Beckman, director of Microsoft's Digital Crimes Unit in the Americas, says Ukraine used a national cybersecurity strategy to withstand such attacks from Russia and so can other countries.
The ISMG Security Report discusses how cyberattacks and operations tied to the Russia-Ukraine war have been affecting civilians since the start of Russia's invasion, whether a practicing cardiologist living in Venezuela is also a ransomware mastermind and effective bot management tooling strategies.
In this episode of "Cybersecurity Unplugged," Apiiro's Moshe Zioni, vice president of security research, discusses the company's "Secrets Insights 2022" report on the real-world risks of hardcoded secrets across the software supply chain and how to mitigate the potential damage they can cause.
It's not enough for medical device makers to provide a software bill of materials - there also needs to be close attention paid to how vulnerabilities in components are communicated and managed, says medical device security expert Ken Hoyme.
The ongoing Russia-Ukraine war has featured cyber operations being used to target Ukraine as well as Russia. But CyberPeace Institute, which tracks cyberattacks tied to the conflict, has so far seen 27 different countries being affected by more than 300 attacks, and many have affected civilians.
In this episode of "Cybersecurity Unplugged," Yonatan Khanashvili describes in detail how Golden Security Assertion Markup Language attacks occur and how SOC platforms with much greater capacity to cross-correlate data than legacy SIEMs can help defenders detect and hunt for them.
Increased collaboration between the public and private sectors hasn't slowed the increased frequency and ease of ransomware intrusions, but efforts to change the financial incentives of ransomware are having "a pretty good effect," says Marc Rogers, vice president of cybersecurity strategy at Okta.
The impending recession should accelerate cloud adoption as firms look to reduce infrastructure costs, but these moves will introduce a new set of security challenges. Arctic Wolf Chief Product Officer Dan Schiappa predicts many companies will start building security into their applications sooner.
Is a practicing cardiologist living in Venezuela also a ransomware mastermind? U.S. prosecutors claim Moises Luis Zagala Gonzalez is a cybercriminal polymath. But Zagala's wife says he is innocent and there's a reason for his predicament. "The Ransomware Files" podcast looks at the evidence.
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.