PCI-DSS has long been the standard for securing payment card-related information. Meeting this bar was the bare minimum requirement for showing that an organization had sufficient controls to keep this data secure. With changes to PCI-DSS already being released and required by 2024, organizations developing and running applications to collect or process payment card-related data need […]
CTA Type: Blog
Automotive Industries Article
By 2024, it’s predicted there’ll be more than 400 million connected vehicles in use around the world. In Automotive Industries magazine, Aviram Jenik discusses the implications for cybersecurity and looks at how rigorous testing and standard protocols can elevate the safety of these fast-evolving vehicles. Originally published in Automotive Industries. Excerpt: “Industry regulators are meeting the rise in […]
Top 3 Reasons You Need A Black Box Fuzzer
What is Black Box Fuzzing and why do you need it? Black box fuzzers attack code vulnerabilities the same way a malicious actor would. Black box fuzzing is a type of dynamic application security testing (DAST) that uses one of the widest ranges of attacks to find unexpected code input errors. The goal is to […]
7 Cybersecurity Resolutions For 2022 Infographic
It’s the start of a new year, now’s the perfect time to review your cybersecurity goals. Each year cyberthreats increase, causing more and more damage. Your security program and protection needs to be updated and adjusted accordingly to match these threats, preventing criminals from breaching your company’s security. There are numerous ways your cybersecurity can […]
Read More… from 7 Cybersecurity Resolutions For 2022 Infographic
Apache Log4j2 Security Advisory
Beyond Security by Fortra is aware of a recently disclosed security issue related to the open-source Apache “Log4j2” utility (CVE-2021-44228). Log4j is a logging framework found in Java software. The flaw is tied to a failure by certain features in the Java Naming and Directory Interface (JNDI) which is used in configuration, log messages and […]
Infographic: BEST CODING PRACTICES FOR SECURE WEB APPLICATIONS
Keeping your organization protected from web application vulnerabilities doesn’t have to be complicated. There are some best secure coding practices that you can follow to ensure that you’re protecting your customers and preventing cyber criminals from damaging your company. […]
Read More… from Infographic: BEST CODING PRACTICES FOR SECURE WEB APPLICATIONS
New Automotive Cybersecurity Standards Require SAST and DAST Solutions
In the last decade, there have been 633 automotive cybersecurity incidents. Yet, this year at Black Hat, the automobile industry was able to breathe a momentary sigh of relief when a connected vehicle was presented as a hacking challenge, and no one succeeded. This stood in stark contrast to 2015 when researchers demonstrated the real danger of automotive […]
Read More… from New Automotive Cybersecurity Standards Require SAST and DAST Solutions
IoT Security 101
The COVID-19 pandemic left its indelible mark across our society. Our work, recreation, healthcare, and even grocery shopping became remote, digital, and reliant on the internet. The eruption of new apps and Internet of Things (IoT) devices proved a tempting target for cyber attackers; that brought security issues new and old to the fore. IoT […]
beSECURE Announces Integration with Core Impact Penetration Testing Tool
Though its already known for swiftly identifying, evaluating, prioritizing, and reporting on security weaknesses, vulnerability management solution beSECURE can now streamline your security even further through a new integration with Core Security’s comprehensive penetration testing tool, Core Impact. By combining these two best-in-class tools, your organization can take its security strategy to the next level. How Do Pen Tests Enhance Vulnerability Management? Vulnerability management solutions like beSECURE are vital tools that continually scan for network and application vulnerabilities, map […]
Read More… from beSECURE Announces Integration with Core Impact Penetration Testing Tool
Agent-Based vs. Agentless Scanning: Choosing the Right Vulnerability Scanning Method
Preventable Attacks Another day, another data breach. Cybercrime is on the rise, and the only way to stop a cyberattack is to think like an attacker. In many cases, the bad actor’s first step is scanning the victim’s systems for vulnerabilities that allow them to gain a foothold. According to Forrester’s State of Application Security, 39% […]
Read More… from Agent-Based vs. Agentless Scanning: Choosing the Right Vulnerability Scanning Method