Despite all the platformization buzz, there are very few vendors with market-leading capabilities in at least three disparate security technology categories. That could change if Google forges buys cloud security firm Wiz for a reported $23 billion just two years after buying Mandiant.
The theft of terabytes of Snowflake customers' data through credential stuffing hacks highlights how multifactor authentication shouldn't be optional for safeguarding accounts. Experts are calling on providers to build in more robust identity and authentication security features, at no extra cost.
Security researchers identified an attack method against a commonly used network authentication protocol that dates back to the dial-up internet and relies on an obsolete hashing function. Researchers say "a well-resourced attacker" could make it practical.
In the wake of multiple customers of Snowflake collectively losing terabytes of data to attackers, the cloud-based data warehousing platform has rolled out a swath of cybersecurity improvements, including allowing administrators to make multifactor authentication mandatory for all users.
The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.
Brent Deterding, CISO at Afni, explained why simple security measures, such as YubiKeys and domain joins, can effectively neutralize sophisticated AI-driven attacks. He also discussed leadership in cybersecurity and the role CISOs play in determining materiality for SEC reporting.
Despite the acknowledgement that protecting identities is the key to securing data, identity-related breaches continue to make headlines. Crystal Trawny of Optiv and Barak Feldman of CyberArk discuss a new way to approach privileged access management.
Cisco remained atop Forrester's OT security rankings, Palo Alto Networks climbed into the leader space, and Claroty and Tenable fell to strong performer. The transition from a network-centric to an asset- and data-centric security model has introduced challenges, especially with legacy equipment.
Jana Partners announced a "significant" stake in Boston-based Rapid7 on Wednesday and plans to push the vulnerability management firm to sell itself. The activist investor is working with investment firm Cannae Holdings and wants Cannae to team up with a private equity firm to buy Rapid7.
Identity startup Semperis has secured $125 million in growth financing to expand its engineering team and develop new product extensions to meet market demands. Strategic partnerships with J.P. Morgan and Hercules Capital also pave the way for potential future acquisitions.
With $150 million of Series D funding led by Kleiner Perkins, Meritech Capital and Sapphire Ventures, Huntress is set to build or buy posture and recovery capabilities for endpoint and identity protection and enhance educational initiatives to counter the accelerating pace of cyberthreats.
Multifactor authentication is a must-have security defense for repelling outright credential stuffing and password spraying attacks. But no defense is foolproof. Attackers have been refining their tactics for bypassing MFA, including using technology and trickery.
Organizations are moving from traditional perimeter-based security to identity-based security. This shift focuses on continuous identity verification rather than assuming internal users are automatically trusted, said Vivin Sathyan, senior technology evangelist, ManageEngine.
Traditional hiring methods often emphasize educational background and work experience, but the White House is encouraging efforts to transition federal and contractor roles to a skills-based framework. Here's how and why to consider taking this approach.
A promise of better security through biometrics fell short after security researchers dismantled an access system made by a Chinese manufacturer and discovered that it contained 24 vulnerabilities. ZKTeco specializes in hybrid biometric verification technology.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.