Overview
Explore
Partners
23 results found
MITRE ATT&CK vs. Cybersecurity Kill Chain: A Simple Breakdown
In the third installment of the "Grizzled CyberVet: Practical Cybersecurity" collection, we compare and contrast the Cybersecurity Kill Chain and MITRE ATT&CK Framework.
The MITRE ATT&CK Framework: A Beginner's Guide
As part of the "Grizzled CyberVet: Practical Cybersecurity" collection, we examine the MITRE ATT&CK framework. We simplify and explain this framework used by attackers to compromise your digital ecosystem.
PCI DSS 4, APIs and You - The Ostrich is Looking Around
The Payment Card Industry (PCI) Security Standards Council's Data Security Standard (DSS) 4.0, effective March 31, 2024, introduces significant updates with a focus on API security. It mandates broader code repository coverage, emphasizes secure development practices, and encourages early integration of security measures, marking a notable shift towards a proactive security culture in handling sensitive payment information.
The Grizzled CyberVet: State of Network Security
Network security has evolved rapidly, with the field now embracing zero trust, AI-driven defenses and integrated platforms. The next five years will see AI, SASE and quantum-resistant cryptography reshape the landscape. Enterprises must consolidate tools, adopt AI automation and prioritize identity-first security to stay ahead of increasingly sophisticated cyber threats. Secure your future now.
Cybersecurity Platforms vs. Point Solutions: Swiss Army Knives or Precision Tools?
This first article in a 5-part series explores the difference between cybersecurity platforms and point solutions. It explains how platforms offer unified, scalable protection while point solutions deliver specialized, best-in-class capabilities. Using simple analogies, it shows how these approaches tackle complex business challenges, setting the stage for deeper dives in upcoming articles.
PCI DSS 4.0 and ASPM: Resistance is Futile
The Payment Card Industry Data Security Standard (PCI DSS) 4.0 introduces new requirements for application security teams, emphasizing the need for continuous and proactive approaches to application security.
API Security Fundamentals: An Introduction (and What Does the Super Bowl Have to Do With It?)
Let's delve into all things API security, particularly aimed at global financial institutions. Here, I cover the basics and provide an overview of WWT's approach (with a Super Bowl-themed twist). Next, I'll cover API discovery; then API focused threat detection, prevention and response; and lastly, API security testing and validation.
Speeding up Container Security with NVIDIA Blueprint: Accelerated Vulnerability Analysis
In the dynamic world of cybersecurity, the ability to swiftly and accurately analyze vulnerabilities is crucial. Traditional methods, often labor-intensive and time-consuming, struggle to keep up with the increasing volume and complexity of threats. The NVIDIA Vulnerability Analysis Blueprint offers a transformative solution, leveraging advanced AI technologies to redefine container security.
The Imperative Shift Left: How API Security is Redefining Traditional SecOps
In today's IT landscape, digital transformation is driving change in IT. We posit that API security will be the technology that will finally make the "shift left" a reality. Here's why.
The SSDAF - A Shot Across the AppSec Bow
The United States federal government has released the Secure Software Development Attestation Form (SSDAF), which signifies a new and stringent stance on secure software development practices.
Pulling Security out of your SaaS
SaaS apps abstract almost everything. How in the world do we secure them?
OWASP API Top 10 Deep Dive, Part 1
For part one of this series, we discuss the vulnerability categories of the new 2023 OWASP API Top 10.