Security News

Qualys CyberSecurity Asset Management 3.0 consolidates asset discovery and risk assessment into a single solution. A key differentiator of Qualys CyberSecurity Asset Management 3.0 is in the way its External Attack Surface Management technology works.

The Tor Project has released Tor Browser 13.5, bringing several improvements and enhancements for Android and desktop versions. The Tor Browser is a specialized open-source web browser designed for anonymous browsing by routing the user's traffic through thousands of volunteer-run servers called nodes/relays, which constitute the Tor network.

As we integrate AI more deeply into vulnerability management processes, organizations can expect enhanced security postures and a shift towards a more proactive and predictive approach to handling cybersecurity threats. AI has some major limitations and even security concerns, especially regarding vulnerability management.

Your business, attack surface, and threat landscape are not static-they are constantly changing. New vulnerabilities are disclosed hourly, new exploits for old vulnerabilities are publicly released, and threat actors update their techniques continuously.

A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. ...

More remote work and a focus on resource planning are two trends driving changes in project management software in APAC and around the globe. Celoxis’ Ratnakar Gore explains how PM vendors are...

What are some patch management best practices and techniques? Following patch management "Golden rules" such as patching on test machines and organizing rollout beforehand.

As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for Health has announced the Universal PatchinG and Remediation for Autonomous DEfense program aimed at developing a vulnerability management platform for healthcare IT teams. CVE-2023-43208, an easily exploitable unauthenticated remote code execution vulnerability affecting NextGen HealthCare's Mirth Connect data integration platform, has been patched by the company and publicly disclosed by Horizon3.

Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large...

Best encryption key management software compared Software Highlight security features Deployment experience Free plan or free trial Starting price Microsoft Azure Key Vault: Best overall FIPS 140-2 Level 2 hardware security module encryption Initial setup can be tricky Free trial Flat rate of $0.03 per 10,000 operations. GnuPG: Best for PGP encryption PGP encryption, auditing and compliance capabilities Easy to use, especially for command line users Free Free Seahorse: Best for a user-friendly interface Auto-saving passwords to a keyring Lacks documentation for casual users Free Free Google Cloud Key Management: Best for a cloud-based option Provides an external key manager that allows granular control over data Easy to use None $0.06 per month HashiCorp Vault: Best for secret keys Open-source and self-hosted; dynamic secrets/just-in-time secrets Can be complex; takes time to learn Free with limited features.