Tag: guide
-
TDL 006 – Beyond the Firewall: How Attackers Weaponize Your DNS
Tags: access, attack, breach, business, cisa, ciso, computer, conference, control, cyber, data, data-breach, dns, exploit, firewall, google, government, group, guide, infrastructure, intelligence, Internet, iraq, jobs, leak, malicious, malware, network, phishing, ransomware, service, software, switch, threat, tool, windowsSummary Beyond the Firewall: How Attackers Weaponize Your DNS For many IT professionals, DNS is the internet’s invisible plumbing, historically managed by a “guy with a Unix beard in the basement,” as Infoblox educator Josh Kuo recalled on the Defenders Log podcast. But this foundational, often overlooked, protocol has become a primary vector for sophisticated…
-
CISOs rethink the security organization for the AI era
Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
-
CISOs rethink the security organization for the AI era
Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
-
Your Guide to EDUCAUSE 2025: What Higher-Ed Leaders Need to Know
What is EDUCAUSE 2025? The EDUCAUSE Annual Conference is where higher education’s technology and strategy communities come together. In 2025, it will be October 2730 in Nashville, with a follow-up online program on November 1213. The theme this year is “Restoring Trust”. It reflects the crossroads higher ed finds itself in: students and families expect……
-
Introducing Resource Policies for Continuous AI Security FireTail Blog
Sep 30, 2025 – Alan Fagan – AI moves fast. New models are adopted, get updated, configurations drift. Keeping track of it all is hard, and catching security issues before they become incidents can feel impossible.That is why, as part of our latest release, we’ve added Resource Policies to FireTail.Resource Policies make it simple to…
-
The CISO’s guide to stronger board communication
In this Help Net Security video, Alisdair Faulkner, CEO of Darwinium, explores how the role of the CISO has changed over the past decade. Faulkner shares insights on how CISOs … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/ciso-board-communication-video/
-
The CISO’s guide to stronger board communication
In this Help Net Security video, Alisdair Faulkner, CEO of Darwinium, explores how the role of the CISO has changed over the past decade. Faulkner shares insights on how CISOs … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/ciso-board-communication-video/
-
The CISO’s guide to stronger board communication
In this Help Net Security video, Alisdair Faulkner, CEO of Darwinium, explores how the role of the CISO has changed over the past decade. Faulkner shares insights on how CISOs … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/29/ciso-board-communication-video/
-
Complete Guide to Understanding Risk-Based Authentication
Learn everything about Risk-Based Authentication (RBA): its benefits, implementation, and future trends. Enhance your application security with this comprehensive guide. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/complete-guide-to-understanding-risk-based-authentication/
-
Meet LockBit 5.0: Faster ESXi drive encryption, better at evading detection
the Windows binary uses heavy obfuscation and packing: it loads its payload through DLL reflection while implementing anti-analysis techniques like Event Tracing for Windows (ETW) patching and terminating security services;the Linux variant maintains similar functionality with command-line options for targeting specific directories and file types;the ESXi variant specifically targets VMware virtualization environments, and is designed…
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
The Complete Guide to B2B SaaS TopFunnel Growth Strategies: AI-Powered Growth in 2025
Master B2B SaaS lead generation with proven top-of-funnel strategies. From Google Ads to content marketing, discover tools and tactics that successful companies use to fill their sales funnels with qualified prospects and drive sustainable growth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/the-complete-guide-to-b2b-saas-top-of-funnel-growth-strategies-ai-powered-growth-in-2025/
-
The Definitive Guide to Compliance Costs: Where Your Budget Goes
Key Takeaways Businesses are managing compliance on multiple fronts: cybersecurity standards, privacy regulations, third-party oversight, and sector-specific rules that change faster than budgets can adapt. Each requirement adds to the total cost of compliance. It’s easy to pinpoint your audit fees or the price of their GRC platform. But those are only part of the……
-
The Definitive Guide to Compliance Costs: Where Your Budget Goes
Key Takeaways Businesses are managing compliance on multiple fronts: cybersecurity standards, privacy regulations, third-party oversight, and sector-specific rules that change faster than budgets can adapt. Each requirement adds to the total cost of compliance. It’s easy to pinpoint your audit fees or the price of their GRC platform. But those are only part of the……
-
The Engineering Leader’s Guide to Achieving Enterprise Readiness
Learn how to achieve enterprise readiness with SSO and CIAM solutions. This guide covers key considerations, implementation strategies, and best practices for engineering leaders. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/the-engineering-leaders-guide-to-achieving-enterprise-readiness/
-
Constella Intelligence Appoints Andres Andreu as Chief Executive Officer
Industry veteran and recognized security leader to guide Constella’s next phase of growth in identity risk intelligence. Constella Intelligence, a global leader in identity risk intelligence, today announced the appointment of Andres Andreu as Chief Executive Officer. Andres succeeds Kevin Senator, who has stepped down from the role. Andres previously served as Constella’s Chief Operating……
-
Microsoft Publishes Guide for Certificate-Based Authentication in Windows Admin Center
Microsoft has released comprehensive guidance for implementing certificate-based authentication in Windows Admin Center (WAC), providing administrators with enhanced security through smart card integration and Active Directory Certificate Services. This authentication method significantly strengthens access controls by requiring administrators to present valid certificates before accessing the management gateway, effectively adding a strong second authentication factor beyond…
-
Customer Identity and Access Management: A Complete Guide to Fundamentals, Implementation, and Security
Customer Identity and Access Management represents a critical capability for organizations seeking to build trusted, long-term relationships with their customer First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/customer-identity-and-access-management-a-complete-guide-to-fundamentals-implementation-and-security-2/
-
The CISO’s guide to rolling out generative AI at scale
Tags: access, ai, best-practice, chatgpt, ciso, communications, governance, guide, jobs, lessons-learned, network, privacy, risk, technology, tool, trainingSet the stage for success Before launch, host an organization-wide lunch and learn to introduce the platform, explain the rollout’s goals, and connect the initiative to real work. This is not a marketing event; it’s an operational alignment session. Bring the vendor in to walk through the platform, show what it does, and answer questions.…
-
The CISO’s guide to rolling out generative AI at scale
Tags: access, ai, best-practice, chatgpt, ciso, communications, governance, guide, jobs, lessons-learned, network, privacy, risk, technology, tool, trainingSet the stage for success Before launch, host an organization-wide lunch and learn to introduce the platform, explain the rollout’s goals, and connect the initiative to real work. This is not a marketing event; it’s an operational alignment session. Bring the vendor in to walk through the platform, show what it does, and answer questions.…
-
Review: Practical Purple Teaming
Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/review-practical-purple-teaming/
-
Review: Practical Purple Teaming
Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/review-practical-purple-teaming/
-
Anton’s Security Blog Quarterly Q3 2025
Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, edr, google, governance, guide, metric, office, RedTeam, risk, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trustAmazingly, Medium has fixed the stats so my blog / podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify). Gemini for docs based on this blog Top 10 posts with the most…
-
TDL 005 – A Defender’s Journey: From Passion Project to Protecting Children Online
Tags: access, business, control, corporate, country, cyber, cybersecurity, data-breach, defense, dns, encryption, endpoint, finance, github, government, group, guide, identity, Internet, jobs, microsoft, network, open-source, privacy, risk, service, technology, tool, zero-trustSummary A Defender’s Journey: From Passion Project to Protecting Children Online In a recent episode of “The Defender’s Log,” host David Redekop sat down with cybersecurity expert Will Earp to discuss his unconventional path into the industry and his current mission-driven career. Earp, a self-proclaimed “tinkerer” from a young age, shared how his early fascination…
-
The Complete Guide to Analyst Research Firms: How Innovative Companies Navigate the Landscape
90% of enterprise buyers consult analysts before purchasing. Yet most startups struggle with analyst relations. Here’s your complete roadmap to navigating Gartner, Forrester, and 20+ top research firms”, from a serial entrepreneur who’s been on both sides. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/the-complete-guide-to-analyst-research-firms-how-innovative-companies-navigate-the-landscape/
-
Session Management 101: A Beginner’s Guide for Web Developers
Master the fundamentals of session management for building secure and stateful web applications. Learn cookies, server-side storage, and best practices in Node. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/session-management-101-a-beginners-guide-for-web-developers/
-
Session Management 101: A Beginner’s Guide for Web Developers
Master the fundamentals of session management for building secure and stateful web applications. Learn cookies, server-side storage, and best practices in Node. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/session-management-101-a-beginners-guide-for-web-developers/
-
CSO Awards winners highlight security innovation and transformation
Tags: ai, attack, automation, awareness, best-practice, business, ciso, cloud, compliance, conference, control, cyber, cybersecurity, data, defense, detection, finance, flaw, framework, governance, group, guide, infrastructure, intelligence, login, malicious, metric, mitre, network, penetration-testing, phishing, privacy, programming, risk, risk-management, service, siem, skills, soc, software, technology, threat, tool, training, update, vulnerability, vulnerability-managementFSU tackles third-party risk with tighter vendor management program: Organization: Florida State UniversityProject: Third-Party Risk Management ProgramSecurity leader: Bill Hunkapiller, CISOOfficials at Florida State University wanted to ensure that data shared with outside entities was well protected. To achieve that, CISO Bill Hunkapiller and his team revamped its third-party risk management program so that the…
-
Steps to Achieve Enterprise Readiness for Software
A detailed guide for CTOs and VP of Engineering on achieving enterprise readiness for software, covering security, scalability, compliance, and integration. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/steps-to-achieve-enterprise-readiness-for-software/
-
Steps to Achieve Enterprise Readiness for Software
A detailed guide for CTOs and VP of Engineering on achieving enterprise readiness for software, covering security, scalability, compliance, and integration. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/steps-to-achieve-enterprise-readiness-for-software/