Daniel Stori’s Turnoff.US: ‘Chat GPT Code Smell’
via the inimitable Daniel Stori at Turnoff.US!
The post Daniel Stori’s Turnoff.US: ‘Chat GPT Code Smell’ appeared first on Security Boulevard.
Security Boulevard
E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it
No More Barf-Green Bubbles? GSM Association is “excited” to bring Apple and Google closer together, but encryption is still lacking.
The post E2EE is MIA in iPhone/Android Chat — GSMA Gonna Fix it appeared first on Security Boulevard.
Honeytokens [Security Zines]
Buckle up, buttercup, because we're about to dive into the sticky-sweet world of honeytokens!
The post Honeytokens [Security Zines] appeared first on Security Boulevard.
USENIX NSDI ’24 – LoLKV: The Logless, Linearizable, RDMA-Based Key-Value Storage System
Authors/Presenters:Ahmed Alquraan, Sreeharsha Udayashankar, Virendra Marathe, Bernard Wong. Samer Al-Kiswany
Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.
The post USENIX NSDI ’24 – LoLKV: The Logless, Linearizable, RDMA-Based Key-Value Storage System appeared first on Security Boulevard.
North Korean Group Uses Fake Job Offers to Target Energy, Aerospace Sectors
The North Korean-backed threat group UNC2970 is using spearphishing emails and WhatsApp messages to entice high-level executives in the energy and aerospace sectors to open a malicious ZIP file containing a fake job description and a previously unknown backdoor called MISTPEN.
The post North Korean Group Uses Fake Job Offers to Target Energy, Aerospace Sectors appeared first on Security Boulevard.
How Much Will It Cost to Get PCI DSS Audited?
Explore PCI DSS audit costs, key factors that influence pricing, and practical tips for managing and optimizing your compliance expenses.
The post How Much Will It Cost to Get PCI DSS Audited? appeared first on Scytale.
The post How Much Will It Cost to Get PCI DSS Audited? appeared first on Security Boulevard.
Post-Quantum Cryptography: The Future of Secure Communications and the Role of Standards
Digital security has long relied on cryptographic systems that use complex mathematical problems (also known as algorithms) to keep sensitive data and transactions safe from unauthorized access. These algorithms were designed to be nearly impossible for classical computers to solve, ensuring robust protection and encryption for online activities like email communication, secure banking, and more. […]
The post Post-Quantum Cryptography: The Future of Secure Communications and the Role of Standards appeared first on Security Boulevard.
News alert: Evergy selects OneLayer to manage, secure its private cellular OT assets
Boston, Mass., Sept. 18, 2024] — One Layer, the leader in managing and securing enterprise private 5G/LTE Operational Technology (OT) networks, announced today the selection of its OneLayer Bridge private LTE network device management and zero trust security platform … (more…)
The post News alert: Evergy selects OneLayer to manage, secure its private cellular OT assets first appeared on The Last Watchdog.
The post News alert: Evergy selects OneLayer to manage, secure its private cellular OT assets appeared first on Security Boulevard.
10 Best Attack Surface Management Tools
10 Best Attack Surface Management Tools
What Is Attack Surface Management?
What Are the Different Types of Attack Surfaces?
Top Enterprise Attack Surface Management Tools
Selecting the Right Tool to Manage Your Attack Surface
Enhance Your Attack Surface Visibility with FireMon
10 Best Attack Surface Management ToolsAs the cyberthreat landscape grows in both complexity and volume, organizations must adopt comprehensive strategies to protect their digital assets. One critical element of a vigorous cybersecurity program is attack surface management (ASM), which involves identifying, monitoring, and reducing potential attack vectors.
To identify the best attack surface management tools for enterprise, cybersecurity decision makers must understand what attack surface management is, and the types of attack surfaces they need to secure.
What Is Attack Surface Management?Attack surface management refers to the continuous process of asset discovery, assessment, and risk mitigation associated with an organization’s network. This includes mapping all assets that could be potential entry points for malicious actors.
ASM involves several activities, including:
Asset DiscoveryASM tools identify the organization’s internet-facing assets. Rather than manually inputting your assets, asset discovery solutions use automation for attack surface mapping and inventory of company resources.
Asset discovery is used to identify the following types of assets:
- Known Assets: The organization is aware of these assets’ existence and is actively managing them. Known assets include user directories, websites, applications, servers, routers, and employee-owned or corporate-issued smartphones and computers.
- Unknown Assets: These assets use company networks without institutional approval or oversight. They include old software, abandoned websites, and unsupervised mobile devices and cloud services that access the company’s network.
- Vendor Assets: Although the company doesn’t own these assets, they’re part of its digital supply chain. They include public cloud assets, application programming interfaces (APIs), and software-as-a-service (SaaS) apps.
- Rogue Assets: This malicious infrastructure is created by threat actors to launch cyberattacks against a company. They include malware, phishing sites, and typo squatted domains.
Upon discovery, assets are categorized according to their risk exposure, criticality, and function to identify urgent security threats and make data-based decisions. Ordinarily, vital and easily exploitable issues take priority.
RemediationThe remediation process focuses on implementing measures to strengthen an organization’s security posture by addressing vulnerabilities and minimizing risk exposure.
Remediation measures that can improve security posture include:
- Reconfiguring systems Access controls
- Network segmentation
- Decommissioning vulnerable assets
- Adopting a zero-trust model
Continuous monitoring is necessary to counter emerging threats and assets. The goal is to identify new vulnerabilities and track changes to current ones. Remember, monitoring goes hand in hand with reporting.
What Are the Different Types of Attack Surfaces?An attack surface is the sum of possible access points for unauthorized users to your systems. On the other hand, attack vectors, or threat vectors are specific attack routes to sensitive data.
Attack surfaces include:
Digital Attack SurfacesDigital attack surfaces expose the software and hardware that link to a company’s network. Provided the hacker has an internet connection, they can exploit the following vectors to launch an attack:
- Misconfiguration: Cybercriminals can use incorrectly configured firewall policies, network ports, and wireless access points.
- Weak Credentials: Weak passwords are easier to guess or crack, allowing cybercriminals to steal data or spread malware, such as ransomware.
- Shared Directories: It’s not uncommon for hackers to steal data from collaborative directories or infect them with malware.
- Poor Encryption: Cybercriminals can intercept unencrypted data at different stages, whether the information is in processing, in transit, or at rest.
Physical attack surfaces comprise a company’s tangible assets.
Security risks include:
- Insider Threats: Dissatisfied employees can abuse access privileges to spread malware, disable devices, or obtain company data.
- Device Theft: When criminals access an organization’s physical premises, they can retrieve data from desktops, laptops, IoT devices, smartphones, servers, and other operational hardware.
- Access Control Systems: Attackers can use biometric scanners, security cameras, and keycards to gain unauthorized access to secure areas.
The following is a list of the best attack surface management tools to help discover assets, monitor, and increase your security posture.
1. FireMonFireMon’s asset discovery tool, Asset Manager, automatically discovers and maps all assets across the network in real time, creating a detailed inventory. This helps in identifying potential attack vectors and unmanaged assets that could be exploited.
FireMon’s network security policy management (NSPM) solution optimizes firewall rules and configurations to minimize unnecessary exposure and reduce the attack surface. It helps in removing redundant or overly permissive rules that could be exploited by attackers.
2. QualysInitially known as Qualys Cloud Platform or Qualysguard, the Qualys TruRisk Platform is a network security and vulnerability management tool. This platform offers security checks, application scanning, attack surface mapping, detection of network devices, and tools to prioritize and fix vulnerabilities. These features work together to help reduce and manage risk.
Qualys offers a comprehensive suite of features that prioritize real-time vulnerability management. It can continuously scan and identify security weaknesses across your network. The software solution also provides detailed asset discovery to catalog all hardware and software.
3. TenableTenable’s Nessus vulnerability scanner offers extensive coverage of vulnerabilities with continuous real-time system assessments. It comprises built-in features for threat intelligence, prioritization, and real-time insights. Enterprises use it to identify and understand risks, allowing operators to prioritize and address them proactively.
Nessus enables businesses to detect potential vulnerabilities and focus on critical issues to streamline the threat remediation process. It also allows professionals to keep an audit trail and access detailed scan information. These include severity, status, and start and end times.
4. Rapid7With a robust platform that helps protect your systems from attackers and grow with your needs, Rapid7 also ranks among the top attack surface management tools. The platform offers application security, vulnerability management, external threat intelligence, threat detection, and automation tools. It makes it a great choice for IT and DevOps teams who use them to quickly identify and respond to threats.
Rapid7 aims to make the digital world safer by simplifying cybersecurity and making it more accessible. The company provides security professionals with the research, tools, and expertise needed to manage today’s complex attack surfaces.
5. Microsoft Defender External Attack Surface ManagementMicrosoft’s Defender focuses on external attack surface management and is offered on Microsoft’s Azure platform. It can identify vulnerabilities and exposures in web-based resources and map out an organization’s unique online attack surface.
Microsoft Defender’s real-time inventory monitoring lets you point out, analyze, and categorize external-facing resources as they emerge. Organizations can use it to enhance their attack surface visibility and discover assets across various cloud environments, including hidden resources like shadow IT.
6. CrowdStrike Falcon SurfaceCrowdStrike addresses security challenges by offering a solution that combines endpoint detection and response, next-generation antivirus, cyber threat intelligence, and security best practices.
Falcon Surface also provides full visibility into internet risks affecting businesses and prioritizes threats based on expert insights and business needs.
7. MandiantMandiant provides users with over 250 pre-built integrations to discover assets and cloud resources and identify relationships with partners and third parties. Like many of the other ASM tools, Mandiant monitors network infrastructure continuously to detect exposures and ensure a smooth transition during cloud adoption and digital transformation.
Mandiant helps security teams with the ability to tackle real-world threats by identifying misconfigurations, vulnerabilities, and exposed areas that need attention.
8. BrinqaBrinqa’s ASM platform includes features like a risk operations center, vulnerability risk management, and cloud risk management. Users can handle risks across their entire attack surface.
Brinqa creates a unified inventory of your attack surface by connecting all asset types, business context, threat intelligence, and security controls into a dynamic Cyber Risk Graph.
9. Cortex by Palo Alto NetworksThis global platform by Palo Alto Networks reduces risks by assessing supply chain security, managing cloud security, and addressing various vulnerabilities. Cortex protects against remote access security issues, unpatched systems, insecure file sharing, sensitive business apps, IT portals, weak encryption, and exposed IoT devices.
Cortex Xpanse collects data from domain registrars, DNS records, and business databases to find and identify all of your internet assets. The solution can create a detailed and unique inventory of your online assets, uncovering unknown assets without needing to install or set up anything.
10. CyCognitoCycognito’s cloud-based platform focuses on managing external attack surfaces. It uses bots and other tools to continuously scan, categorize, and map digital assets. The tool automatically identifies and ranks security risks as if they were real attackers
CyCognito mimics how attackers perform reconnaissance to proactively identify gaps in a company’s defenses.
Selecting the Right Tool to Manage Your Attack SurfaceThe list of available attack surface management solutions goes far past 10, and it can be difficult to determine what’s best for your organization. However, you may be able to narrow the field by keeping the following ASM best practices in mind:
Visibility Through Continuous MonitoringThreats keep changing, and a strong cybersecurity program needs ongoing updates. This involves continuous monitoring with automated tools like security information and event management (SIEM) software to track and analyze data from various sources, including security operations integrations.
Prioritize the Most Critical ThreatsOnce you understand your attack surface, address the most serious vulnerabilities and risks before tackling less urgent issues. For instance, you can take assets offline and improve network security. A tool that provides both real-time visibility and monitors network changes makes prioritization easier.
Know Your Attack SurfaceUnderstand where attackers might strike, which digital assets are at risk, and what protections are needed. Predictive modeling can help anticipate the impact of breaches. Effective defense strategies involve knowing what assets you have, monitoring for vulnerabilities, and using threat intelligence to stay ahead of potential attacks.
Enhance Your Attack Surface Visibility with FireMonAs network complexity increases, cyber asset management and attack surface monitoring become increasingly difficult. As your organization grows, so does the risk of introducing gaps in network visibility. This is where FireMon comes in.
FireMon Asset Manager provides real-time active, passive, and targeted network and device discovery to detect unknown, rogue, shadow clouds, network infrastructure, and endpoints in the enterprise.
Asset Manager can help to:
- Eliminate Blind Spots: Stay ahead of expanding attack surfaces by automatically discovering and cataloging networks, devices, and connections within your environment.
- Enrich Asset Data: Ensure operational intelligence by augmenting systems of record with accurate, up-to-date asset details and attributes.
- Improve Data Fidelity in Systems of Record: Leverage API and integrations to provide continuous, complete asset information to your security stack.
Request a demo today and discover why FireMon is one of the best attack surface management tools for your enterprise.
Frequently Asked Questions What Are Attack Surface Management Tools?Attack surface management tools are specialized cybersecurity solutions that help organizations discover assets, monitor, and reduce your attack surface. These tools continuously scan an organization’s networks to detect potential vulnerabilities or points of unauthorized access. Attack surface management tools enable organizations to proactively address security risks by providing comprehensive visibility into all assets.
What Should I Look for in Attack Surface Management Software?When selecting an attack surface management vendor, it’s important to consider tools that offer real-time monitoring and alerts to promptly detect emerging threats. The software should also include robust risk assessment and prioritization capabilities. Additionally, consider ease of integration with existing security systems and a user-friendly interface.
Get 9xBETTER Book your demo now Sign Up Now Customers
Customer Success Training Hub
User Center
Partner Directory
Partner Portal
Technology Partners
The post 10 Best Attack Surface Management Tools appeared first on Security Boulevard.
Analysis Identifies Web Servers as Weakest Cybersecurity Link
An analysis of more than 39 million anonymized and normalized data points published today by Cycognito, a provider of platforms for discovering and testing attack surfaces, finds web servers accounted for more than a third (34%) of all the severe issues discovered.
The post Analysis Identifies Web Servers as Weakest Cybersecurity Link appeared first on Security Boulevard.
SpyCloud Unveils Massive Scale of Identity Exposure Due to Infostealers, Highlighting Need for Advanced Cybersecurity Measures
Austin, TX, 18th September 2024, CyberNewsWire
The post SpyCloud Unveils Massive Scale of Identity Exposure Due to Infostealers, Highlighting Need for Advanced Cybersecurity Measures appeared first on Security Boulevard.
INE Security Wins 2024 SC Excellence Award
Cary, North Carolina, 18th September 2024, CyberNewsWire
The post INE Security Wins 2024 SC Excellence Award appeared first on Security Boulevard.
Ubuntu Fixes Memory Vulnerabilities in Vim: Patch Now
Vim, a popular text editor in Unix-like operating systems, has been identified with two medium-severity vulnerabilities that could pose a security risk to users. These vulnerabilities, identified as CVE-2024-41957 and CVE-2024-43374, could allow attackers to cause a denial of service (DoS) or potentially execute code with user privileges. Let’s dive into these vulnerabilities, their potential […]
The post Ubuntu Fixes Memory Vulnerabilities in Vim: Patch Now appeared first on TuxCare.
The post Ubuntu Fixes Memory Vulnerabilities in Vim: Patch Now appeared first on Security Boulevard.
DMARC for PCI DSS: Your Practical Guide to 2025 Compliance Implementation
The Payment Card Industry Data Security Standard (PCI ...
The post DMARC for PCI DSS: Your Practical Guide to 2025 Compliance Implementation appeared first on EasyDMARC.
The post DMARC for PCI DSS: Your Practical Guide to 2025 Compliance Implementation appeared first on Security Boulevard.
Fair Ball or Foul Play? EU’s Digital Markets Act Puts App Security on Shaky Ground
Apple Inc, announced a fightback after the EU's Digital Markets Act (DMA) allegedly forced a compromise on the security of its products.
The post Fair Ball or Foul Play? EU’s Digital Markets Act Puts App Security on Shaky Ground appeared first on Security Boulevard.
Data Detection & Response (DDR): Not the Dance Revolution It Claims
In today’s cybersecurity landscape, protecting sensitive information is more critical than ever. The latest “Cyber Security in Focus report” by...
The post Data Detection & Response (DDR): Not the Dance Revolution It Claims appeared first on Symmetry Systems.
The post Data Detection & Response (DDR): Not the Dance Revolution It Claims appeared first on Security Boulevard.
How to Modernize Security Operations Centers
GSOC modernization is a journey that starts with understanding your unique business needs This article was originally published in ASIS Security Management Magazine. In the past decade, global security operations centers (GSOCs) have been in their early adolescence. They were focused on baseline physical security functions such as monitoring alarm systems and video surveillance feeds.…
The post How to Modernize Security Operations Centers appeared first on Ontic.
The post How to Modernize Security Operations Centers appeared first on Security Boulevard.
Fortinet Mid-September Data Breach Advisory
Let’s first review the breach as published in many online sources. Here is the summary of what happened
The post Fortinet Mid-September Data Breach Advisory appeared first on Seceon.
The post Fortinet Mid-September Data Breach Advisory appeared first on Security Boulevard.
USENIX NSDI ’24 – Fast Vector Query Processing for Large Datasets Beyond GPU Memory with Reordered Pipelining
Authors/Presenters:Zili Zhang, Fangyue Liu, Gang Huang, Xuanzhe Liu, Xin Jin
Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.
The post USENIX NSDI ’24 – Fast Vector Query Processing for Large Datasets Beyond GPU Memory with Reordered Pipelining appeared first on Security Boulevard.
AppOmni and CrowdStrike Partner to Transform SaaS Security
Read the blog to see how CrowdStrike and AppOmni come together for a more secure SaaS environment for organizations.
The post AppOmni and CrowdStrike Partner to Transform SaaS Security appeared first on AppOmni.
The post AppOmni and CrowdStrike Partner to Transform SaaS Security appeared first on Security Boulevard.
The Home of the Security Bloggers Network