A Secure Access Service Edge (SASE) Guide for Leaders

Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface...

The Company You Keep – Preparing for supply chain attacks with Talos IR

Given the increasing frequency of supply chain attacks, the sophistication of those attacks, and the expansion of the attack surface beyond an organizations direct control, incident preparedness and response activities must be considered in the overall supply chain risk mitigation strategy. Suppl...

Attack Surface Management 2022 Midyear Review Part 3

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year...

Attack Surface Management 2022 Midyear Review Part 2

In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year...

CISA BOD 23-01: Meeting and Exceeding CISA Requirements with Qualys

The latest Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency CISA BOD 23-01 requires agencies to implement an essential cybersecurity practice within the next 6 months. While this new mandate impacts agencies directly, it also impacts their supply chain...

Addressing the Evolving Attack Surface Part 1: Modern Challenges

Lately, we’ve been hearing a lot from our customers requesting help on how to manage their evolving attack surface. As new 0days appear, new applications are spun up, and cloud instances change hourly, it can be hard for our customers to get a full view of risk into their environments. We put...

Microsoft Windows Print Spooler Elevation of Privilege Vulnerability

Print Spooler is a print background processing service that manages all local and network print queues and controls all print jobs.An elevation of privilege vulnerability exists in Microsoft Windows Print Spooler, which stems from improper privilege assignment in the application and can be...

Secure Web Gateway (SWG) Security - SASE Part 3

Explore why secure web gateway SWG is important to effectively secure cloud resources and reduce cyber risk across the attack surface...

Detecting and preventing LSASS credential dumping attacks

Obtaining user operating system OS credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...

Common Cloud-Native Security Misconfigurations & Fixes

Cloud configuration errors are a major concern for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them...

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Rapid7 Strengthens Market Position With 360-Degree XDR and Best-in-Class Threat Intelligence Offerings Time flies… and provides opportunities to establish proof points. After recently passing the one-year milestone of Rapid7’s acquisition of IntSights, the added value threat intelligence brings t...

Control System Defense: Know the Opponent

Summary Traditional approaches to securing OT/ICS do not adequately address current threats. Operational technology/industrial control system OT/ICS assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for...

Limiting the Software Supply Chain Attack Surface

Limiting the Software Supply Chain Attack Surface By Trellix · September 21, 2022 This blog was written by Douglas McKee We often discuss how the intentions of an action matter, and it's clear to see why they do. If I am walking down the sidewalk, distracted by my phone of course and run into a...

Why Organizations Struggle with Patch Management (and What to Do about It)

The cybersecurity attack surface continues to grow exponentially. Modern technologies are being deployed on-premises and in the cloud as part of digital transformation journeys. Meanwhile, the current practice of identifying, classifying, prioritizing, and remediating vulnerabilities has become...

Cybersecurity Awareness Month 2022: 3 Actionable Tips

Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface...

External attack surface and ongoing cybercriminal activity in APAC region

To prevent a cyberattack, it is vital to know what the attack surface for your organization is. To be prepared to repel the attacks of cybercriminals, businesses around the world collect threat intelligence themselves or subscribe for threat intelligence services. Continuous threat research enabl...

Red Teaming to Reduce Cyber Risk

Discover how red teaming can help reduce cyber risk across your ever-expanding digital attack surface...

What’s most important for a CISO in API security?

As threats to networks and systems have changed, so have CISOs’ priorities. API security has grown more important with everything as a service and in the cloud. Todays CISOs must ensure they have a plan for protecting APIs. To learn what’s most crucial when protecting APIs, we surveyed CISOs and...

Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques

We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns. We provide an alternative approach to Distroless that reduces the attack surface for malicious actors targeting cloud-native applications while optimizing clo...

Metaverse Broadband Infrastructure Security

The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for enhancing network security to minimize cyber risk across the attack surface...