Nearly all cloud security incidents are due to customer misconfigurations. Chris Hughes explains how cybersecurity hygiene addresses the problem.
vulnerability
CISO Frank Domizio looks at common security vulnerabilities in the retail industry and offers practical ways to mitigate them and boost resilience.
Software bills of materials are important because they serve as standardized artifacts in developmental processes, as well as for security and compliance.
Kieron Allen looks at new data from Cyberseek regarding a shortage of skilled cybersecurity professionals, and what this means for organizations.
Wayne Sadin explains why multiple updates to crew scheduling software SkySolver won’t fix Southwest Airlines’ technical debt issues.
Do you know how to respond after a security breach has happened? This “for CISO, by CISO” guidebook provides first-person actionable insights from practitioners.
The capabilities of Snyk for automatic discovery & remediation have positioned it to shift security left. However, vendor solutions only go so far.
Bill reconnects with Sonatype Co-founder Brian Fox to find out why it’s taken so long for organizations to respond to the Log4j vulnerability, which was first discovered a year ago.
Bill summarizes the main points from Endor’s 2022 State of Dependency Management study to better understand how cybersecurity professionals should respond to OSS vulnerabilities.
After a breach, you’ll want to stop data loss as soon as possible, but it comes with risks and other drawbacks. Frank shares tips to arm you with the knowledge, options, and flexibility to advise your business on the right approach.
CISO Robert Wood details three techniques to analyze security breaches so that organizations can prevent them in the future.
In episode 32, Chris looks at a new Cybersecurity and Infrastructure Security Agency post that focuses on three critical steps for advancing vulnerability management across the IT ecosystem.
Security and data breaches aren’t all bad news; they’re also opportunities to build on lessons learned and correct deficiencies, as Chris explains.
Analyst Chris Hughes takes a look at EPSS, a new approach to evaluating vulnerabilities that takes into account not only criticality and scores, but also exploitability.
Cybersecurity analyst Robert Wood explains how secure defaults save time and energy for engineers and development teams.
What’s in a vulnerability score? Chris Hughes explains what these are, where they come from, and how cybersecurity professionals should approach them.
When managing threats, no two organizations have exactly the same needs. Robert Wood shares four factors to look at to help find solutions that fit, no matter the scenario.
In the Data Revolution podcast premiere episode, Pablo hosts CEO Joseph Derflinger and CTO See Wan Toong to discuss their studio’s new game ‘Reign of Terror.’
Chris addresses reports that more than 80% of Kubernetes API servers are exposed to the public internet.
As technological systems become more complex through cloud, microservices, IoT, and more, the need for sound vulnerability management becomes all the more important.