Smart companies know the best offense against security threats is a strong defense. And what type of defense is the most successful, you ask? Educating Employees! A stunning 91% of data breaches start with employees, making it essential for organizations to educate all employees on the threats associated with today's online world. [...]
A report accompanied with a rating taxonomy aimed to help researchers and customers to determine appropriate payouts for bugs found by researchers in bug bounty programs has recently been released by Bugcrowd. These tools, especially the Vulnerability Rating Taxonomy (VRT), which details a number of vulnerabilities, classified by severity, are not only useful in the [...]
Cross-site scripting (XSS) is a security vulnerability allowing a user to alter the code that an application delivers to a user which is executed in the user’s web browser. It is most commonly found in web applications affecting the user's browser, but also possible in other applications with embedded web content, such as an interactive [...]
On February 9th President Obama announced the Cybersecurity National Action Plan, including steps such as establishing a cybersecurity commission, introducing new safeguarding measures and supporting both companies and consumers in strengthening their own security. He’s also put the money where his mouth is and backed this up by reserving $19billion of spending to implement the [...]
Many businesses understand that it’s important to properly manage their web application security. But in truth, it goes far beyond the need to simply “avoid being hacked”. There are often serious liabilities associated with the failure to properly manage your security. Unfortunately, many of those liabilities are an afterthought. Until of course, there is a [...]
A few weeks back Alert Logic released their latest cloud security report. The report highlights the current rise in web application attacks. In short it states “‘Businesses with a large volume of online customer interactions are targeted for web application attacks in order to gain access to sensitive customer & financial data". This 45% increase [...]
Locking the doors and windows to your house won’t stop someone from getting in if they are really determined. However, it is still a lot harder than opening an unlocked door or window. Breaking into a locked house, takes a lot more time and typically when someone forces their way in, they are bound to [...]
Linux Kernel Vulnerability and how to fix it A flaw in the Linux Kernel has made big news lately, labelled as a local privilege escalation vulnerability. In fact, the company ‘Perception Point’ which released news of the flaw is under criticism as after reporting it to the Linux kernel maintainers, who were then developing a [...]
While not being in the worst performing sector for security, retail is one of the biggest targets for attackers and a number of breaches hit the headlines in 2015, the most well known being chain store Target. As retailers process a large volume of payments, they are an obvious target for the theft of financial [...]
'Top CISO Awards' will felicitate organizations (and the people within them) that are using information security technology in innovative ways to secure their business and mission critical information in the most effective manner and deliver business value, by creating competitive advantage, optimizing business processes, enabling growth or improving relationships with customers. Information security is vital for [...]
