In application security testing, Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) are prominent techniques. However, Interactive Application Security Testing (IAST) is a promising new entrant in AST, helping to dramatically reduce false positives. This white paper provides a...
Despite rapid and widespread deployment, APIs remain poorly protected and automated threats are mounting. Personally identifiable information (PII), payment card details and business-critical services are at risk due to bot attacks.
Download this whitepaper to learn more about:
Symptoms of bot attacks on APIs
Key...
Forescout updated its multifaceted IT/OT visibility and control platform to enhance the product's long-standing reputation for handling network admission controls.
In this review, SANS Analyst Don Murdoch digs into the product's capabilities and explores these key areas:
Device discovery and classification
IoT...
The clear message from this year's Global Password Security Report is businesses still have a lot of work to do in the areas of password and access security.
Businesses are increasing their use of important security measures like multifactor authentication - but unfortunately employees still have poor password...
In this first edition of The Enterprise of Things Security Report, Forescout Research Labs analyzed data from over 8 million devices deployed across the Financial Services, Government, Healthcare, Manufacturing and Retail sectors to assess the current state of enterprise IoT cybersecurity. This information comes from...
Many organizations get stuck in the vortex of endless endpoint security operational challenges. Solving this operational chaos is a must, especially when 68% of organizations have seen an increase in the frequency of attacks against endpoints in the last 12 months.
The need to boost efficiencies is clear. To get...
Several prominent business executives and politicians, including Joe Biden, Elon Musk and Bill Gates, had their Twitter accounts hijacked in what appears to be a cryptocurrency scam, according to news reports. Some security experts believe that two-factor authentication protections failed.
It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.
Data has a definite lifecycle. Understanding that lifecycle and looking at data through the lens of that life cycle creates new ways of looking and thinking about data and create a language to understand and see new opportunities for the data the organization holds and also perhaps opportunities to dispose of data...
8 Steps to Shore Up Your Defense Against Cyberattack
In the past, it was easy to take mainframe security for granted. The mainframe was locked down behind closed doors, and even if you were able to get into the room, you'd still needed the coding experience to hack it.
Today, the mainframe is closer to the internet...
The Internet of Things (IoT) is opening up new opportunities for businesses and consumers, and is the linchpin of almost every digital transformation initiative. However, IoT also presents considerable security risks and challenges for organisations, specifically attackers impersonating a trusted device could conduct...
How organizations in the most demanding and complex environments are leveraging Tanium to build resilience, maintain business continuity, and manage their long-term risk for today, tomorrow, and the new normal.
This paper discusses:
Endpoint Management and Security in the Age of COVID-19
Why Internal Endpoint...
As many IT teams work overtime to enable remote workers, maintaining security practices and compliance may not be top of mind, but threat actors are actively seeking opportunities to benefit from current circumstances.
Although enabling a remote workforce is typically a common practice, some particularly urgent and...
Federal government agencies face unique cybersecurity risks, and as a result they often place tight restrictions on mobile devices in the workplace. But perhaps it's time to loosen these restrictions because they are negatively impacting missions, recruitment and retention.
There are consequences of cutting back or...
Connected medical devices are now an integral part of modern healthcare - from pacemakers and insulin pumps to wearable monitoring devices. However, persistent and unmitigated vulnerabilities in the medical device hardware, networks and applications are putting intellectual property, personal data and patient safety...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
