Category: Help Net Security

Fortanix announced Key Insight, a new capability in the Fortanix Data Security Manager TM (DSM) platform designed to help enterprises discover, assess, and remediate risk and compliance gaps across hybrid multicloud environments. Data breaches lead to massive monetary losses, hefty…

Read more →

Veracode announced product innovations to enhance the developer experience. The new features integrate security into the software development lifecycle (SDLC) and drive adoption of application security techniques in the environments where developers work. According to a recent study by analyst…

Read more →

Trend Micro launched its new generative AI tool, Trend Companion, designed to empower security analysts by driving streamlined workflows and enhanced productivity. “Stretched security operations teams are struggling with the sheer volume and complexity of threat data. Trend Companion is…

Read more →

The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as intended, are available when needed, and work without revealing sensitive data to unauthorised parties.”…

Read more →

Trellix announced its generative artificial intelligence (GenAI) capabilities, built on Amazon Bedrock and supported by Trellix Advanced Research Center. Amazon Bedrock is a fully managed service from AWS making foundation models (FMs) from leading AI companies accessible via an API…

Read more →

A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46214 Splunk Enterprise is a…

Read more →

OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL 3.2.0 This release incorporates the following potentially significant or incompatible changes: The default SSL/TLS security level…

Read more →

AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. The solution includes a Lambda function and proof of concept client. You can either adopt this client or…

Read more →

The threat landscape is evolving by the minute, with both malicious actors and well-intentioned researchers constantly on the hunt for new attack vectors that bypass security controls and gain control of systems and applications. In fact, thousands of new vulnerabilities…

Read more →

Companies need help to get visibility into the operations of their AI programs, potentially reducing productivity while creating significant risks around governance, data security, and more. In this Help Net Security video, Neil Cohen, Head of Go-To-Market at Portal26, discusses…

Read more →

In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in cybersecurity. Zhang explores the intricate balancing act that researchers must perform when navigating the interests of…

Read more →

Cyber resilience is the capacity of an organization to maintain its core functions and swiftly adapt to, respond to, and recover from cyber threats. A cyber-resilient organization recognizes that cyber threats are inevitable and constantly evolves its strategies to address…

Read more →

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PolarDNS: Open-source DNS server tailored for security evaluations PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable…

Read more →

The Network and Information Systems Directive (NIS2), due to come into effect in October 2024, seeks to improve cyber resilience in the European Union (EU). Its effects are likely to be wider reaching, though, bringing in more stringent processes and…

Read more →

In this Help Net Security video, Tanneasha Gordon, Deloitte Risk & Financial Advisory’s data & privacy leader, discusses how many executives realize that trust is crucial to driving brand value and earning sustained customer loyalty. Privacy programs, data protection safeguards,…

Read more →

Network security is both the top challenge and the top investment priority for enterprise IT leaders, according to ISG. Network security challenges 60% of respondents to the ISG survey on network modernization ranked network security among their top five challenges,…

Read more →

AI continues to evolve to improve both cyber defense and cyber criminal activities, while regulatory pressures, continued consolidation, and geopolitical concerns will drive more proactive cybersecurity efforts with contextual threat intelligence, according to Cybersixgill. As organizations increasingly adopt Threat Exposure…

Read more →

Cybellum announced that its Product Security Platform has been formally designated as “CWE-Compatible” by the MITRE Corporation’s Common Weakness Enumeration (CWE) Compatibility and Effectiveness Program. The designation means that Chief Product Security Officers (CPSOs) and their teams are able to…

Read more →

Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs. These attacks comprised 73% of all website and app traffic measured. In other words, almost three-quarters of…

Read more →

2023 proved to be another challenging year for companies combating supply chain security and breaches. The 2024 outlook could be worse as attacks become increasingly sophisticated. In this Help Net Security video, Fei Huang, VP of Security Strategy at SUSE,…

Read more →