Lacework Risk Management Offering

Lacework Risk Management Offering

Lacework has added a new vulnerability risk management capability to its cloud-native application protection. The new offering will combine active package detection, attack path analysis, and in-house data on active…
Qualys VMDR 2.0 with TruRisk! Game Changer

Qualys VMDR 2.0 with TruRisk! Game Changer

Qualys announced a new release of its Qualys Vulnerability Management, Detection and Response today. The new solution is designed to deliver insights into an organization’s unique risk posture, along with…
NIST Publication on Supply Chain Risk Management

NIST Publication on Supply Chain Risk Management

The National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for addressing software supply-chain risk, offering tailored sets of suggested security controls for various stakeholders. Software supply-chain…
ICS and SCADA systems under Risk

ICS and SCADA systems under Risk

Government of USA issued a warning that APT actors have new capabilities to gain full system access to multiple ICS and SCADA using multiple tools. The joint advisory issued by…
Threat Modelling With STRIDE

Threat Modelling With STRIDE

Threat Model? A threat model, or ''threat risk model'', is a process that reviews the security of any web-based system, identifies problem areas, and determines the risk associated with each area.…
Cloud ☁️ Security Innovation

Cloud ☁️ Security Innovation

As cloud infrastructure and platform services proliferate in enterprise environments, confidence in the security of the cloud continues to grow, and “cloud-first” strategies are now common even among risk-averse organizations. Still…