Blog Posts

  • How to Align Your Security Strategy with NIST Cybersecurity Framework 2.0

    How to Align Your Security Strategy with NIST Cybersecurity Framework 2.0

    After a decade in the making – or waiting, as the case may be – the National Institute of Standards and Technology (NIST) has released the first major revision to its Cybersecurity Framework...

    Read Article
  • Why Identity Security Is Essential to Cybersecurity Strategy

    Why Identity Security Is Essential to Cybersecurity Strategy

    In the modern digital landscape, cybersecurity isn’t just a technical challenge – it’s a business imperative. At the heart of cybersecurity is identity security – the principle that the right...

    Read Article
  • Why Your Organization Needs Dynamic Secrets and Rotation

    Why Your Organization Needs Dynamic Secrets and Rotation

    In today’s rapidly evolving digital landscape, organizations confront a formidable array of cyber threats, with attacks and data breaches becoming increasingly prevalent. As businesses embrace...

    Read Article
  • How Time, Entitlements and Approvals (TEA) Can Secure the Keys to Your Cloud

    How Time, Entitlements and Approvals (TEA) Can Secure the Keys to Your Cloud

    A popular topic of conversation in my day-to-day work is how to secure privileged access to cloud management consoles and workloads. And that’s no surprise, considering more and more applications...

    Read Article
  • Why Machine Identities Are Essential Strands in Your Zero Trust Strategy

    Why Machine Identities Are Essential Strands in Your Zero Trust Strategy

    Just like a snagged strand can ruin your garment, overlooking the security of machine identities can tear the very fabric of Zero Trust that protects your organization from bad actors. As a quick...

    Read Article
  • Enterprise Browser: The Gateway to Securing All Identities

    Enterprise Browser: The Gateway to Securing All Identities

    With new identities, environments and attack methods dominating today’s threat landscape, cybersecurity leaders are hyper-focused on securing identities to safeguard enterprises. However, a...

    Read Article
  • The Hacker’s Guide to The Cosmos (SDK): Stealing Millions from the Blockchain

    The Hacker’s Guide to The Cosmos (SDK): Stealing Millions from the Blockchain

    Introduction Welcome, fellow travelers of the Cosmos! While we may not be traversing the stars on a spaceship, we are all interconnected through the powerful network of blockchains. Unfortunately,...

    Read Article
  • CIO POV: 3 Considerations as the 2024 Cyber Roller Coaster Gathers Speed

    CIO POV: 3 Considerations as the 2024 Cyber Roller Coaster Gathers Speed

    If the first month-plus of 2024 is any indication, this year is likely to be anything but ordinary in the cybersecurity realm. In January alone, a triad of events unfolded, each more riveting than...

    Read Article
  • A Deep Dive into Penetration Testing of macOS Applications (Part 3)

    A Deep Dive into Penetration Testing of macOS Applications (Part 3)

    Introduction This is the final installment of the blog series “A Deep Dive into Penetration Testing of macOS Applications.” Previously, we discussed the structure of macOS applications and their...

    Read Article
  • APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints

    APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints

    A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely...

    Read Article
  • Redefining PAM to Secure OT and IoT Devices

    Redefining PAM to Secure OT and IoT Devices

    Left to their own devices, your organization’s devices can be a significant source of risk. Consider operational technology (OT), which is crucial for organizations but is not engineered and...

    Read Article
  • Elevating Cloud Security With Well-Architected Practices

    Elevating Cloud Security With Well-Architected Practices

    It’s said that life truly begins when you step out of your comfort zone. Living in California provides me with many options for hiking and trekking, a perfect backdrop for spending time with...

    Read Article
  • Ransomware’s PLAYing a Broken Game

    Ransomware’s PLAYing a Broken Game

    Abstract The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is...

    Read Article
  • GenAI’s Role in Upskilling to Close the Cybersecurity Skills Gap

    GenAI’s Role in Upskilling to Close the Cybersecurity Skills Gap

    The cybersecurity industry has a major people problem: it doesn’t have enough of them. The global shortage of more than 4 million cybersecurity workers isn’t a new phenomenon, but as digital and...

    Read Article
  • Why Identity Security Requires More Than ITDR

    Why Identity Security Requires More Than ITDR

    Identity Threat Detection and Response (ITDR) is one of many aspects of an effective identity security program. Yet despite what some detection and response-focused vendors may argue, ITDR is not...

    Read Article
  • 3 Things About 2023’s Threat Landscape That Shapes My 2024 CIO POV

    3 Things About 2023’s Threat Landscape That Shapes My 2024 CIO POV

    2023 was a tumultuous year that drove technology transformations at a pace unknown. The industry saw an accelerated and unrivaled pace of technology adoption, persistent yet evolving challenges...

    Read Article
  • Securing High-Risk Access with Reimagined PAM Controls: A Customer Story

    Securing High-Risk Access with Reimagined PAM Controls: A Customer Story

    My team and I were on a call with a customer who saw a critical need to secure access to his company’s cloud service provider (CSP) containers. Our conversation comes to mind often, because it...

    Read Article
  • CyberArk Labs’ 2023 Threat Research Highlights

    CyberArk Labs’ 2023 Threat Research Highlights

    Throughout an eventful 2023, CyberArk Labs remained focused on uncovering emerging cyberattack patterns and producing threat research aimed at helping organizations strengthen their identity...

    Read Article
  • Secure Identities With These Five Intelligent Privilege Controls

    Secure Identities With These Five Intelligent Privilege Controls

    If you’re reading this, a major part of your job is making the case for security-related issues you know are urgent. You may be among the 97% of CISOs being asked to present to their...

    Read Article
  • SafeNet: Securing Your Network From Yourself

    SafeNet: Securing Your Network From Yourself

    TL;DR Whether working at home or in the office, when conducting cybersecurity research, investigating the dark web forums or engaging with any dangerous part of the internet, staying safe is...

    Read Article
  • loading
    Loading More...