supply chain
Compliance Does Not Equal Cybersecurity
EclecticIQ Endpoint Security Team | | EDR, Malware, osquery, Product, supply chain, Threats and Vulnerabilities
HIPAA, GDPR, PCI, CIS, NIST. Does any of those acronyms sound familiar? Chances are, you’ve heard of several and have a general understanding of what they’re all about. For those that don't, ...
Data Philosophy and Technology Combine for Better Endpoint Security
EclecticIQ Endpoint Security Team | | EDR, Malware, osquery, Product, supply chain, Threats and Vulnerabilities
Russel Ackoff was the one of first to define a hierarchy from data to wisdom (1). In Ackoff’s words: "Data are symbols that represent the properties of objects and events. Information ...
Russian Software Company Pretending to Be American
Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents ...
Chinese Tech: Banned in DC, but not in the States
Richi Jennings | | backdoors, Banned in D.C., china, chinese government, Espionage, government, Huawei, nsa, SB Blogwatch, supply chain, The NSA is just concerned that it will ask for a TikTok login instead of Facebook on the next update, ZTE
There’s a massive loophole in the federal ban on Chinese technology from sus firms such as Huawei and ZTE: It doesn’t stop states from buying it ...
Security Boulevard
APIs and the Software Supply Chain: What you need to know
Guest Author | | api, API security, Cybersecurity, Data Security, Infrastructure, online security, Privacy, software, Software Testing, supply chain
The software supply chain is a concept that refers to the processes and technologies used to manage software products over their lifespan. It's a network of entities involved in the development, distribution, ...
Third-Party Risk in the Cloud
The term third-party risk applies to all risks introduced by external parties into an ecosystem, supply chain or infrastructure. Common third parties include vendors, partners, suppliers, service providers or contractors with access ...
Security Boulevard
Refurbished Security Devices: Mistaken Identity or Deception?
Buying refurbished devices is not uncommon. Online marketplaces, such as eBay, offer a platform for customers to purchase second-hand gadgets at a lower price than the original, but at a higher quality ...
Security Boulevard
CISO Interview Series: The thinking of a CISO at the front end of the cyber threat landscape.
Tripwire Guest Authors | | CISO, cyberattacks, interview, IT Security and Data Protection, Security Framework, Skills, supply chain, threat landscape
What are the most important areas for a CISO to focus on? When speaking to Aman Sood, it becomes clear that the job of a CISO encompasses every aspect of a business. ...
NIST CSF 2.0 Workshop Themes: Praetorian’s View
emmaline | | Advisory Services, governance, industry profiles, international application, measurement, NIST CsF, security insights, standardization, supply chain
On 17 August 2022, NIST conducted the first Workshop to organize the effort to update the NIST Cybersecurity Framework (CSF) to version 2.0. Praetorian originally submitted comments to the CSF 2.0 RFI ...
The Analyst Prompt #15: Network Environment-Focused Conversations Needed in Approaches to Cyber Security
EclecticIQ Threat Research Team | | Corporate, intelligence research, Malware, quantum computing, supply chain, Threats and Vulnerabilities
Exploit Tools and Targets: Enhance Third-Party Risk Management to Mitigate Multi-Targeted Approach Third-party attacks, or supply chain attacks, occur when a trusted software, vendor, or other external company property or personnel is ...