OWASP selected eight of the ten categories from contributed data and two categories from the Top 10 community survey at a high level. AppSec (Application security) researchers attempt to find new vulnerabilities and new ways to test for them. Because of the nature of the testing, it takes time to integrate these tests into tools and processes.find out more
During the worst of the covid crisis, organisations implemented many security strategies to deal with the new way of working in the short term. Therefore, they executed them as one-off projects to cover all bases. However, after covid lockdowns, organisations have found a need for long-term strategies for cyber security.Find out more
In the world of cybersecurity, the more you know about threat actors, the better placed you are to counteract and manage cyber threats and attacks. But what is a threat actor? We can define a threat actor as a person, group, or entity performing a cyber-attack designed to impact an organisation negatively.Find out more
A cybersecurity incident response team (also known as CSIRT) is a team of cybersecurity experts available to deal with an incident occurring in an organisation. The team can be either internal or external, this depends on the nature of the incident and whether the team is equipped to deal with it effectively.Find out more
It’s an exciting concept and one that many people don’t grasp. All organisations today can potentially fall victim to a cyber-attack or cyber security outage, which can cause severe damage to its ability to operate and its infrastructure. It’s more than just cyber security awareness; it requires the whole workforce to know what the risk is and the processes that need to be followed to avoid this risk.Find out more
There have been many participants in Cybersecurity Awareness Month, such as DHS Secretary Janet Napolitano back in 2009. In 2010 during the STOP. THINK. CONNECT campaign, former U.S. President Barack Obama used this phrase as a national cybersecurity education and awareness message.
Cybersecurity Awareness Month has also had many themes to help articulate the different aspects of cybersecurity, such as education, cybercrime, law enforcement, mobility, critical infrastructure for any organisation from small to large.Find out more
Defining a clear strategy when establishing an organisation’s SOC helps to align business goals. Developing the strategy using an assessment is the best way to identify gas and potential vulnerabilities.
After this assessment, the team can create a clear, comprehensive set of processes, helping to guide the SOC team in operating, monitoring, detecting, responding and reporting as suggested above.
As a result of the fluid and ever-evolving threat landscape, this strategy will need reviewing periodically, helping to keep ahead of any new emerging risks and vulnerabilities.Find out more
While many threat and risk management solutions help organisations deal with low-level security events with automated responses, having an incident response plan, delivered by an experienced team will determine your success in responding to an attack.Find out more
Used by organisations to detect and prevent malicious activity in an organisation, Network Detection and Response describes a category of security solutions that are used to investigate and mitigate the risk of attackers. It is a progressive security solution providing a centralised machine-based analysis of network traffic and response solutions.
NDR solutions provide a single solution for visibility across on-prem, remote, and cloud environments.Find out more
How can you ensure you have outsourced your penetration testing requirements to the right provider?Find out more
Network scanning can help organisations know what vulnerabilities are present in their network and its connected devices. Scanning your network in this way can help find current vulnerabilities and find potential security flaws. You can ensure that your organisation has the proper security controls and measures in place to prevent and best protect your network against malicious attackers.Find out more
Vulnerability management is the process of finding and patching vulnerabilities in your network security to protect an organisation’s networks against malicious cyberattacks. It is an ongoing program utilising a wide variety of technologies to identify and remediate vulnerabilities in your network to keep your organisation safe from cyber attacks.Find out more