Last year, Rowland Johnson took on the role of president of CREST, the international not-for-profit membership body representing the global cybersecurity industry. Over the past 12 months, he says, he's taken time to "pause and reflect" and "define a new vision and mission" for CREST.
Web application attacks are one of the top causes of data breaches. Learn how to bolster the security of your applications with this comprehensive guide to penetration testing, based on two decades of experience and thousands of engagements.
Whether you’re embarking on your first application pen test, or you’ve...
A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.
How do you figure out whether you’re ready for a pen test, a Red Team engagement, or a combination? One in five organizations do not test their software for security vulnerabilities, and even more aren't aware that you can combine both of these strategies to assess your network's security from all angles. Stop...
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
Vulnerabilities do not provide a comprehensive threat landscape but allow companies to feed their own risk analysis or an initial risk assessment. To provide insight into the threat landscape for ICS, Verve’s research team looked at updating the analytical comparison completed last year regarding the trend of ICS...
In today’s dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
“The only way to see if all these products have...
With cybercrime on the rise, unpublished vulnerabilities are the unknown menace threatening organizations today. This guide explores the different ways a company can use a black box fuzzing tool, to keep control of their software, products, and devices.
A Zero Trust strategy means there are no trusted users or assets, everything is checked and verified before access is granted for a limited time. This guide will help you and your team establish the right environment for a successful Zero Trust program.
The apps your dev teams are building have changed, your security tools should too. Digital transformation, omnichannel marketing and directly connecting with customers among other key business imperatives have accelerated application development cycles. Development teams have widely adopted agile development practices...
CISO’s need a plan of attack for their external digital risks. A major factor in your success is embracing ASM and making the most out of your investment.
Register today for this interactive webinar with Brad LaPorte, Gartner Veteran and industry expert, to learn how 5 use cases (that every security team must...
Its all-hands-on-deck when a massive vulnerability such as Log4Shell arises, or a vendor announces a newly discovered breach. When headline events happen, security teams must act quickly to determine whether or not their environment has been impacted, then respond appropriately.
Responding to major new cyber events...
In today's dynamic environment, with the proliferation of a wide array of different security products and the high chance for misconfigurations, testing security is more imperative than ever, says Scott Register, vice president of security solutions at Keysight.
Attention to anyone who manages a Microsoft Windows environment: Security researchers are tracking a zero-day vulnerability in Microsoft Office that's being actively exploited by attackers to run malicious code on a vulnerable system.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
