Security News

The February 2024 Patch Tuesday was pretty typical, with the standard Microsoft Windows, Office, and Exchange Server updates. Before we get to the March 2024 Patch Tuesday forecast, I want to provide information on the updated NIST framework.

Python Risk Identification Tool is Microsoft's open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. It started as a collection of individual scripts used during the team's initial foray into red teaming generative AI systems in 2022.

Overcoming the pressures of cybersecurity startup leadershipIn this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO's leadership philosophy, the process of building a high-caliber team, and the unique challenges of navigating a startup in the tech industry. How organizations can navigate identity security risks in 2024In this Help Net Security interview, Deepak Taneja, CEO of Zilla Security, discusses identity security risks and threats.

The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector. The CSF's governance component emphasizes that cybersecurity is a major source of enterprise risk that senior leaders should consider alongside others such as finance and reputation.

After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology has released version 2.0 of its Cybersecurity Framework. Unlike the original, which was designed with critical infrastructure sectors in mind, CSF 2.0's scope has been expanded to suitable security tips for organizations in any sector and of any size "Regardless of their degree of cybersecurity sophistication," NIST said.

The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of...

Fabric is an open-source framework, created to enable users to granularly apply AI to everyday challenges. "I created it to enable humans to easily augment themselves with AI. I believe it's currently too difficult for people to use AI. I think there are too many tools, too many websites, and too few practical use cases that combine a problem with a solution. Fabric is a way of addressing those problems," Daniel Miessler, the creator of Fabric, told Help Net Security.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to...

NIST CSF is based on existing standards, guidelines, and practices for organizations to manage and reduce cybersecurity risk better. It was designed to foster risk and cybersecurity management communications amongst internal and external organizational stakeholders.

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs.