Security News

Microsoft has announced a new security product allowing security teams to spot Internet-exposed resources in their organization's environment that attackers could use to breach their networks. Dubbed Microsoft Defender External Attack Surface Management, this new product provides customers with an overview of their businesses' attack surface, making it simpler to discover vulnerabilities and block potential attack vectors.

Kolide notifies your team via Slack when their devices are insecure and gives them step-by-step instructions on how to solve the problem. For IT admins, Kolide provides a single dashboard that lets you monitor the security of your entire fleet, whether they're running on Mac, Windows, or Linux.

If you're a cloud service vendor, you should be prepared to answer this question from your customers: How can you prove your security and privacy practices are truly secure? An external review validates your existing security practices.

UADAI arranges for collection of the biometrics needed to create an Aadhaar - ten fingerprints, two iris scans, and a facial photograph - through enrollment agencies and registrars and provides authentication-as-a-service using Aadhaar numbers. More than a billion Aadhaar IDs have been issued and over 99 per cent of India adults have enrolled in the scheme.

Attracting talent with nontraditional skills to audit is the top challenge for audit leaders this year, according to Gartner. A July 2021 survey of 166 audit leaders revealed that making the leap to more advanced analytics applications, improving IT auditing practices, and providing sufficient assurance over cybersecurity were also serious concerns for audit leaders in 2022.

Lynis is more than just a rootkit detector, as it makes it possible to run detailed auditing of your Linux servers for numerous security issues as well as misconfigurations. I want to walk you through the process of installing Lynis and running a scan on AlmaLinux.

As part of a SOC2 audit, it is necessary to conduct security checks across the company's SaaS stack that will look for misconfigured settings such as detection and monitoring to ensure continued effectiveness of information security controls and prevent unauthorized/ inappropriate access to physical and digital assets and locations. If you're beginning or on a SOC2 audit journey, then an SSPM solution can streamline the process and shorten the time it takes to pass a SOC2 audit successfully, fully covering your SaaS Security posture.

Specops Password Auditor is a read-only tool that scans your Active Directory and identifies password-related vulnerabilities. The collected information generates multiple interactive reports containing user and password policy information.

A research from Vanson Bourne examines how financial services are faring with the ever-increasing challenge of audit overload. The study, which surveyed 200 U.S. IT security professionals in the financial services industry, revealed that 97 percent financial institutions experience challenges when working on audits. The state of the financial services' audit process Financial organizations spend an average of 71 working days each quarter responding to audit evidence requests, have an average of 13 different IT security compliance and privacy regulations with which they must comply, and have an average of 54 dedicated people who work on IT security compliance and/or privacy regulations.

COVID-19 stretched organizational resources and unleashed new risks on a global basis, prompting an ongoing pivot by internal audit departments to address the evolving challenges, according to a survey by AuditBoard. "COVID-19 created what is arguably the greatest disruption for organizations as well as for internal auditors, due to their enterprise-wide role," said Richard F. Chambers, AuditBoard Senior Internal Audit Advisor, who authored the report.