Tag: risk
-
CYFIRMA FireTail: Working Together for Complete Visibility and Robust API Security FireTail Blog
Tags: ai, api, attack, cloud, cyber, data, detection, intelligence, leak, ml, open-source, risk, saas, threat, vulnerabilityNov 11, 2025 – Alan Fagan – CYFIRMA is an external threat landscape management platform that combines cyber intelligence with attack surface discovery and digital risk protection to deliver early warning, personalized, contextual, outside-in, and multi-layered insights. The company’s cloud-based AI and ML-powered analytics platforms provide deep insights into the external cyber landscape, helping clients…
-
FireTail CEO, Jeremy Snyder, Set to Present at UK Cyber Week 2023 FireTail Blog
Tags: api, attack, best-practice, breach, ceo, cloud, cyber, cybersecurity, data, defense, detection, office, open-source, risk, strategy, vulnerabilityNov 11, 2025 – Jeremy Snyder – On April 5, 2023, during UK Cyber Week, our CEO Jeremy Snyder will present, “API security – what is it, why you should care, and how to protect your org”. The session, part of the OT & IT Cyber Security track, will explore the rise of APIs and…
-
CYFIRMA FireTail: Working Together for Complete Visibility and Robust API Security FireTail Blog
Tags: ai, api, attack, cloud, cyber, data, detection, intelligence, leak, ml, open-source, risk, saas, threat, vulnerabilityNov 11, 2025 – Alan Fagan – CYFIRMA is an external threat landscape management platform that combines cyber intelligence with attack surface discovery and digital risk protection to deliver early warning, personalized, contextual, outside-in, and multi-layered insights. The company’s cloud-based AI and ML-powered analytics platforms provide deep insights into the external cyber landscape, helping clients…
-
Introduction to REST API Security FireTail Blog
Tags: access, api, application-security, authentication, best-practice, business, cloud, control, data, data-breach, ddos, detection, encryption, finance, firewall, group, identity, infrastructure, monitoring, network, password, radius, risk, service, technology, threat, tool, update, vulnerabilityNov 11, 2025 – Jeremy Snyder – A common analogy for APIs is that they are LEGO blocks, or more specifically, APIs are the little studs and slots that allow you to attach LEGO pieces to each other and build something bigger than any individual piece. The LEGO pieces in this analogy would be individual…
-
FireTail CEO, Jeremy Snyder, Set to Present at UK Cyber Week 2023 FireTail Blog
Tags: api, attack, best-practice, breach, ceo, cloud, cyber, cybersecurity, data, defense, detection, office, open-source, risk, strategy, vulnerabilityNov 11, 2025 – Jeremy Snyder – On April 5, 2023, during UK Cyber Week, our CEO Jeremy Snyder will present, “API security – what is it, why you should care, and how to protect your org”. The session, part of the OT & IT Cyber Security track, will explore the rise of APIs and…
-
FireTail CEO, Jeremy Snyder, Set to Present at UK Cyber Week 2023 FireTail Blog
Tags: api, attack, best-practice, breach, ceo, cloud, cyber, cybersecurity, data, defense, detection, office, open-source, risk, strategy, vulnerabilityNov 11, 2025 – Jeremy Snyder – On April 5, 2023, during UK Cyber Week, our CEO Jeremy Snyder will present, “API security – what is it, why you should care, and how to protect your org”. The session, part of the OT & IT Cyber Security track, will explore the rise of APIs and…
-
Introduction to REST API Security FireTail Blog
Tags: access, api, application-security, authentication, best-practice, business, cloud, control, data, data-breach, ddos, detection, encryption, finance, firewall, group, identity, infrastructure, monitoring, network, password, radius, risk, service, technology, threat, tool, update, vulnerabilityNov 11, 2025 – Jeremy Snyder – A common analogy for APIs is that they are LEGO blocks, or more specifically, APIs are the little studs and slots that allow you to attach LEGO pieces to each other and build something bigger than any individual piece. The LEGO pieces in this analogy would be individual…
-
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data. First seen on hackread.com Jump to article: hackread.com/cisco-open-weight-ai-models-long-chat-exploit/
-
Cybersecurity Maturity and Why Your API Security is Lagging Behind FireTail Blog
Tags: access, api, attack, awareness, breach, cloud, compliance, control, cybersecurity, data, data-breach, defense, detection, framework, malicious, monitoring, network, nist, risk, threat, vulnerabilityNov 11, 2025 – Jeremy Snyder – Understanding Cybersecurity Maturity Models (CMM) Cybersecurity maturity models offer valuable guidance for organizations seeking to enhance their security posture. While the Cybersecurity Maturity Model Certification (CMMC) version 1.0, originally created by the U.S. Department of Defense (DoD), has been widely adopted, it’s important to note that there are…
-
Data Privacy in the World of ChatGPT: Risks, Importance, Best Practices
What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of models called the Generative Pre-trained Transformer orRead…
-
Beyond silos: How DDI-AI integration is redefining cyber resilience
Tags: ai, api, attack, automation, best-practice, breach, business, cctv, cloud, control, corporate, cyber, cybersecurity, data, defense, detection, dns, endpoint, finance, firewall, guide, identity, infrastructure, intelligence, iot, malicious, monitoring, network, penetration-testing, phishing, phone, RedTeam, resilience, risk, service, siem, soar, soc, sql, threat, tool, training, zero-trustDDI as the nervous system of enterprise security: DDI, including DNS, DHCP and IP address management, is the nervous system of the network. It records every connection, every name resolution and every IP allocation, maintaining the only comprehensive, authoritative record of normal network behavior.By itself, DDI data is simply a massive stream of logs. For…
-
Data Privacy in the World of ChatGPT: Risks, Importance, Best Practices
What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of models called the Generative Pre-trained Transformer orRead…
-
Beyond silos: How DDI-AI integration is redefining cyber resilience
Tags: ai, api, attack, automation, best-practice, breach, business, cctv, cloud, control, corporate, cyber, cybersecurity, data, defense, detection, dns, endpoint, finance, firewall, guide, identity, infrastructure, intelligence, iot, malicious, monitoring, network, penetration-testing, phishing, phone, RedTeam, resilience, risk, service, siem, soar, soc, sql, threat, tool, training, zero-trustDDI as the nervous system of enterprise security: DDI, including DNS, DHCP and IP address management, is the nervous system of the network. It records every connection, every name resolution and every IP allocation, maintaining the only comprehensive, authoritative record of normal network behavior.By itself, DDI data is simply a massive stream of logs. For…
-
Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats
Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data. First seen on hackread.com Jump to article: hackread.com/cisco-open-weight-ai-models-long-chat-exploit/
-
AI Agents Rewriting Fraud Rules
The New Fraud Frontier: How AI Agents Are Rewriting the Rules Pop quiz: What percentage of your traffic is from agentic AI? If you answered “I don’t know,” you are not alone and you’re sitting on a major blind spot that’s both a risk and an opportunity. Even though agentic AI traffic today is… First…
-
Your passwordless future may never fully arrive
Tags: access, api, attack, authentication, breach, ceo, ciso, cloud, compliance, credentials, cyber, cybersecurity, group, infrastructure, insurance, mfa, network, passkey, password, risk, service, strategy, technology, vpn, zero-trustAll-in passwordless strategies fall short: Jim Taylor, chief product and strategy officer at RSA, says today’s enterprise environment and existing passwordless approaches make “100% passwordless not possible just yet,” adding that “85% is possible, with the 15% representing the complicated and the very specialized” needs such as “security admins who need to log in to…
-
Your passwordless future may never fully arrive
Tags: access, api, attack, authentication, breach, ceo, ciso, cloud, compliance, credentials, cyber, cybersecurity, group, infrastructure, insurance, mfa, network, passkey, password, risk, service, strategy, technology, vpn, zero-trustAll-in passwordless strategies fall short: Jim Taylor, chief product and strategy officer at RSA, says today’s enterprise environment and existing passwordless approaches make “100% passwordless not possible just yet,” adding that “85% is possible, with the 15% representing the complicated and the very specialized” needs such as “security admins who need to log in to…
-
Hidden risks in the financial sector’s supply chain
When a cyber attack hits a major bank or trading platform, attention usually turns to the institution. But new research suggests the real danger may lie elsewhere. BitSight … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/11/hidden-financial-sector-cyber-risk/
-
Threat Report: xHunt Targets Microsoft Exchange and IIS with Custom Backdoors
The xHunt advanced persistent threat group continues to pose a significant cybersecurity risk through sophisticated attacks targeting Microsoft Exchange and IIS web servers with custom-built backdoors. This highly focused cyber-espionage operation has maintained persistent, multi-year campaigns primarily aimed at organizations in Kuwait, with particular emphasis on the shipping, transportation, and government sectors. First identified in…
-
OWASP Top 10 2025 Released: Major Revisions and Two New Security Classes Added
The Open Web Application Security Project (OWASP) has officially unveiled the eighth edition of its influential Top 10 security risks list for 2025, introducing significant changes that reflect the evolving landscape of application security threats. The update features two new security categories and substantial shifts in risk rankings based on contributed data and community feedback.…
-
OWASP Highlights Supply Chain Risks in New Top 10 List
Security misconfiguration jumped to second place while injection vulnerabilities dropped, as organizations improve defenses against traditional coding flaws. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/owasp-highlights-supply-chain-risks-new-top-10
-
OWASP Highlights Supply Chain Risks in New Top 10 List
Security misconfiguration jumped to second place while injection vulnerabilities dropped, as organizations improve defenses against traditional coding flaws. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/owasp-highlights-supply-chain-risks-new-top-10
-
OWASP Top 10 2025 Released: What’s New in Web App Security
The OWASP Top 10:2025 highlights evolving web security risks and the need for proactive, resilient software defenses. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/news-owasp-top-10-2025/
-
Tenable Is a Leader in the First-Ever Gartner® Magic Quadrant for Exposure Assessment Platforms
Tags: advisory, ai, attack, business, cloud, control, cyber, cybersecurity, data-breach, exploit, gartner, guide, identity, risk, service, technology, threat, tool, vulnerability, vulnerability-managementOur customers are proving what exposure management can do. Thank you for trusting us to be part of your mission. Key takeaways Tenable believes our evolution of exposure management and our strong, mature partner ecosystem contributed to our position as a Leader in the 2025 Gartner® Magic Quadrant for Exposure Assessment Platforms. Tenable is positioned…