Every organization has employees distributed across multiple locations, such as headquarters and branch offices. With the Covid-19 pandemic, remote working from home has become a norm. Wherever they are, a company’s staff will need to access IT services, applications and data that are also spread out over a number...
Rising offensive cyber star NetSPI has received a massive follow-up investment from KKR to pursue acquisitions and expand its technological and geographic footprint. KKR's $410 million bet comes on the heels of 50% organic sales growth for NetSPI in 2021 and 61% sales growth thus far in 2022.
Over the past few years, the concept of vulnerability management has grown beyond crucial network scans to include the security of applications and a growing number of endpoints. It’s the cornerstone of a proactive security strategy that incorporates the best of both offensive and defensive security tactics.
Cymulate has raised $70 million to strengthen its presence in new areas such as attack surface management and continuous automated red teaming. The company plans to deepen its wallet share among midmarket customers by working more closely with managed security service providers.
In today's dynamic threat environment, security teams must adopt a risk-based approach, prioritizing the most important areas of their organization. They also should not be afraid to seek outside help. Murtaza Hafizji of Bugcrowd discusses the merits of crowdsourced security.
HelpSystems acquired Dutch red-teaming startup Outflank to help critical infrastructure firms more effectively prepare for cyberattacks. The buying of Outflank will provide clients with a broader range of red-teaming software and services thanks to Outflank's tight integration with Cobalt Strike.
Tenable wants to help the cybersecurity industry move away from traditional vulnerability management focused on giving customers a list of vulnerabilities. Instead, CEO Amit Yoran wants to help customers understand their exposure and how they can effectively manage and reduce risk.
CISOs have enough tools to identify security weaknesses, says Yoran Sirkis, but they need a way to make the information those tools gather more accessible and to streamline the remediation process. The CEO of Seemplicity discusses how its platform can help security leaders manage remediations.
Last year, Rowland Johnson took on the role of president of CREST, the international not-for-profit membership body representing the global cybersecurity industry. Over the past 12 months, he says, he's taken time to "pause and reflect" and "define a new vision and mission" for CREST.
Web application attacks are one of the top causes of data breaches. Learn how to bolster the security of your applications with this comprehensive guide to penetration testing, based on two decades of experience and thousands of engagements.
Whether you’re embarking on your first application pen test, or you’ve...
A well-managed multi-cloud strategy "is a sensible approach" because it allows organizations to move different workloads between providers, but it gets a "bit more complicated when you start thinking about workload portability," says Lee Newcombe, security director, Capgemini U.K.
How do you figure out whether you’re ready for a pen test, a Red Team engagement, or a combination? One in five organizations do not test their software for security vulnerabilities, and even more aren't aware that you can combine both of these strategies to assess your network's security from all angles. Stop...
Supply chain risk must be part of an enterprisewide risk management program framework, says information security manager Matt Marciniak of financial service firm Quantile. Reducing risk requires an agile approach to supplier management, he says.
A Zero Trust strategy means there are no trusted users or assets, everything is checked and verified before access is granted for a limited time. This guide will help you and your team establish the right environment for a successful Zero Trust program.