SafeBreach Director of Research Tomer Bar shares how attacks are conducted, which APT groups have been most active, and how breach and attack simulation can help security teams fight back.
The latest phishing report from Zscaler ThreatLabz shows a 47.2% surge in phishing attacks in 2022 compared to the previous year – driven by cybercriminals using increasingly sophisticated techniques to launch large-scale attacks.
LastPass used Black Hat as the backdrop to announce availability of FIDO2 authenticators, including biometrics such as finger print or face ID and hardware keys, for its passwordless login solution.
Survey data shows threat intelligence provides organizations with access to more advanced data streams, real-time detection capabilities and operational efficiency.
As part of our Year in Review series, we examine how cyber attackers capitalized on security vulnerabilities that emerged with the rush to cloud-based, remote operations, and what security teams did to respond.
As part of our Year in Review series, we examine the growing interest in threat intelligence that was fueled in part by fear of cyberattacks tied to the war between Russia and Ukraine.
As part of our Year in Review series, we examine how organizations continue to grapple with the pace of threats, and have turned to eXtended Detection and Response to gain an edge over attackers.
As part of our Year in Review series, we examine how organizations struggled to obtain a holistic view of all devices and their vulnerabilities, and how to mitigate and fix them to manage risk and ensure compliance.
Timely threat detection is essential. Every second that a malicious actor lingers inside your network, the odds increase that your organization could be the victim of a major malware attack. Nation-state APT actors are especially adept at staying hidden – but if you know what TTPs and IOCs to look for and you have comprehensive visibility into the...
As more organizations adopt multi-cloud strategies, security managers must develop a strategy to consistently protect web applications across hybrid environments, while preserving quality of security and operational efficiency. The traditional approach to application security no longer works in the multi-cloud, and anew approach is needed. Join us...
Tactics of adversaries to infiltrate the software supply chain have grown more sophisticated. Among them: co-opting the names of submissions in public code, with the ultimate goal being to use counterfeit code to compromise networks. How can organizations recognize pockets of risk that may exist within their own development efforts? What preventat...
New analysis from VMware delves deep into the most recent waves of the Emotet botnet, providing never-before-seen insights into the malware delivery mechanism’s malicious components and modules, its execution chains and its software development lifecycle. This webcast will reveal key findings and takeaways from VMware’s researchers, who mana...
Organizations have more security concerns than ever before (due to an increasingly volatile threat landscape, growing attack surfaces, and increased volume and complexity of security threats and alerts) and security operations will continue to be difficult for many organizations to effectively combat without the right combination of technology, in...
How IT risk translates into enterprise risk, and how we tie the two together.
What is IT risk? How has the definition shifted over the years as it relates to overall enterprise risk?What are key drivers of IT risk on a business today?How do you quantify and communicate IT risk in a tangible way? Why IT should be seen as an enabler, rather...
Join this webcast to learn about the findings from the 2023 State of Passwordless Security report and how you can use it to improve your organization’s security posture.
CRA VP of Content Strategy Bill Brenner, Bojan Simic, HYPR’s Co-founder, CEO and CTO and Andrew Shikiar, Executive Director & CMO, FIDO Alliance discuss key tak...
The Managed Detection and Response (MDR) market is heating up as lean security teams lacking the human and financial resources of larger organizations clamor for tools to uncover and stop cyber intrusions more quickly. They understand that when a bad actor penetrates their organization, every second counts. Many have learned this lesson the hard w...
Even cybersecurity pros struggle to address the unique challenges of Kubernetes and container security. It can be disorienting to take a career full of knowledge in more traditional platforms and apply it to the leading edge of declarative infrastructure and microservices. This webcast is designed to help security teams get over the initial cultur...
For developer and AppSec teams alike, securing critical components of the software supply chain, including open source libraries, container images, cloud infrastructure, and developer tools, is increasingly essential. But more often, tracking dependencies to fixing vulnerabilities can still be siloed because common tools and processes to create un...
Cyber risk and business risk are increasingly one and the same, and it’s about time that business-minded executives understood that reality when managing their budgets and agendas. With cybercriminal activity showing no signs of slowing down, companies must understand that a commitment to mitigating cyber risk represents an investment in the busin...
Open source code provides developers with the shortcuts they need to innovate and iterate faster. But due to a host of open source vulnerabilities, some shortcuts are safer than others. Metaphorically speaking, are your organization’s developers taking a well-lit, mapped-out shortcut, or straying down a mysterious, risky, and forebo...
As bad actors look to blur the lines between real and fake, cybersecurity experts need to stay one step ahead of tech-savvy fraudsters. A simple, yet robust set of fraud prevention practices is often the best approach for stopping fraudsters at the gate.In this impactful Q&A webcast, you will see through the lens of two expert solution enginee...
Though red teaming is sometimes perceived as pen testing with the gloves off, in reality, the goal of these engagements isn’t to prove how much damage these skilled testers can do. Modern red teams must set out to provide learning opportunities for organizations and their blue teams, running attack simulations to help teach them how to better prot...
Just because a business is mid-sized doesn’t mean the security risks it encounters are any smaller than those experienced by large enterprises. All organizations, regardless of size, face the same challenges around identity growth and management. A growth that places a greater burden on smaller organizations with limited resources that need to rem...
The U.S. Securities and Exchange Commission’s highly-anticipated new cybersecurity rules are finally in force, and deadlines are approaching quickly. Organizations, both public and private, will now have to take quick action to either establish or transform their cybersecurity programs to come into compliance with these new regulations and prevent...
A company’s data is its lifeblood and must be protected at all costs. But the larger the data pile, the harder it is to manage. Attackers know this and are on a nonstop hunt for holes in your tech stack to exploit. To have a fighting chance, organizations need to approach security as a team sport.In this SC webcast, host Bill Brenner sits down wit...
AppSec has long been considered a subset of IT security, but today’s threats make securing applications an imperative for the entire business. But how do you make it so?In this SC Cybercast, Alex Babar, VP of Solutions for cybersecurity company Brinqa, has a discussion with SC’s Bill Brenner about how Brinqa helped one client on its journey to eff...
Applications and software supply chains are constantly changing. So is the threat landscape.
Vulnerabilities, misconfigurations, exposed secrets, design flaws, sensitive data exposure, etc., will always be inevitable. That’s why application security remains such a vibrant market and why application security teams have a host of tools (SAST, SCA...
A new breed of adversaries has emerged — hybrid attackers. These assailants have mastered the art of combining multiple attack vectors, exploiting vulnerabilities and leveraging identities to execute one of the most devastating cybercrimes of our time — ransomware. Ransomware is not just the end goal; hybrid attackers often use it as part of their...