Blog Posts

  • Understanding APIs and How Attackers Abuse Them to Steal Data

    Simply put, APIs (short for application programming interface) are how machines, cloud workloads, automation and other non-human entities communicate with one another. They also represent an...

  • Cookies Beyond Browsers: How Session-Based Attacks Are Evolving

    In the past few years, we have witnessed a significant shift in the attack landscape, from stealing clear text credentials to targeting session-based authentication. This trend is driven by the...

  • How Secure is Automotive Digital Identity?

    In the automotive industry’s fast lane, the fusion of digital innovation with vehicular engineering has revolutionized how we manufacture, drive and protect our vehicles. It also helps to ensure...

  • Election Security: Defending Democracy in Today’s Dynamic Cyber Threat Landscape

    With over 50 countries heading to the polls this year, including major economies like the U.S., India and the U.K., 2024, one way or another, will be a defining year with over 4 billion voters...

  • Enterprise Browsers Need to Secure Identities Without Compromise

    Now is the time. It’s been over 30 years since the introduction of the first web browser. Since then, the browser has evolved into an application that allows us to stream entertainment, work and...

  • CIO POV: What Makes a Good Neighbor in a Bad Cyber Neighborhood

    “It’s discouraging to try to be a good neighbor in a bad neighborhood.” –William Castle This quote from the late American horror film director has recently been running through my head as I think...

  • CyberArk SaaS Solutions Achieve FedRAMP® High Authority

    I’m honored to share that CyberArk is FedRAMP® High Authorized and ready to support U.S. federal agencies in securing access to critical government data and systems, meeting Zero Trust mandates...

  • How to Align Your Security Strategy with NIST Cybersecurity Framework 2.0

    After a decade in the making – or waiting, as the case may be – the National Institute of Standards and Technology (NIST) has released the first major revision to its Cybersecurity Framework...

  • Why Identity Security Is Essential to Cybersecurity Strategy

    In the modern digital landscape, cybersecurity isn’t just a technical challenge – it’s a business imperative. At the heart of cybersecurity is identity security – the principle that the right...

  • Why Your Organization Needs Dynamic Secrets and Rotation

    In today’s rapidly evolving digital landscape, organizations confront a formidable array of cyber threats, with attacks and data breaches becoming increasingly prevalent. As businesses embrace...

  • How Time, Entitlements and Approvals (TEA) Can Secure the Keys to Your Cloud

    A popular topic of conversation in my day-to-day work is how to secure privileged access to cloud management consoles and workloads. And that’s no surprise, considering more and more applications...

  • Why Machine Identities Are Essential Strands in Your Zero Trust Strategy

    Just like a snagged strand can ruin your garment, overlooking the security of machine identities can tear the very fabric of Zero Trust that protects your organization from bad actors. As a quick...

  • Enterprise Browser: The Gateway to Securing All Identities

    With new identities, environments and attack methods dominating today’s threat landscape, cybersecurity leaders are hyper-focused on securing identities to safeguard enterprises. However, a...

  • The Hacker’s Guide to The Cosmos (SDK): Stealing Millions from the Blockchain

    Introduction Welcome, fellow travelers of the Cosmos! While we may not be traversing the stars on a spaceship, we are all interconnected through the powerful network of blockchains. Unfortunately,...

  • CIO POV: 3 Considerations as the 2024 Cyber Roller Coaster Gathers Speed

    If the first month-plus of 2024 is any indication, this year is likely to be anything but ordinary in the cybersecurity realm. In January alone, a triad of events unfolded, each more riveting than...

  • A Deep Dive into Penetration Testing of macOS Applications (Part 3)

    Introduction This is the final installment of the blog series “A Deep Dive into Penetration Testing of macOS Applications.” Previously, we discussed the structure of macOS applications and their...

  • APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints

    A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely...

  • Redefining PAM to Secure OT and IoT Devices

    Left to their own devices, your organization’s devices can be a significant source of risk. Consider operational technology (OT), which is crucial for organizations but is not engineered and...

  • Elevating Cloud Security With Well-Architected Practices

    It’s said that life truly begins when you step out of your comfort zone. Living in California provides me with many options for hiking and trekking, a perfect backdrop for spending time with...

  • Ransomware’s PLAYing a Broken Game

    Abstract The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is...
