Executive Overconfidence is a security risk that Netsparker Research finds

Netsparker, the leading enterprise dynamic application security testing (DAST) solution, teamed up with Dimensional Research to understand the maturity and effectiveness of web application security in organizations worldwide. Security professionals from 382 organizations across the globe responded to the survey, with roles spanning development, DevOps, and C-suite. Netsparker analyzed the findings and today released a report, "New Vulnerability Found: Executive Overconfidence."

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Spotlight

Cyber attacks are increasing in volume, sophistication, and severity, and the federal government has taken notice. Now, they’re taking action — most recently in the form of new cybersecurity rules from the Securities and Exchange Commission. In “11 Ways to Streamline SEC Cybersecurity Compliance with Risk Cloud,” we explore a va

Related News

Software Security

SAIC Announces New Zero Trust Edge Capability

Business Wire | November 03, 2023

Science Applications International Corp. (NYSE: SAIC) today announced new, purpose-built Zero Trust security capabilities, which provide a solution to answer the Zero Trust pillars addressing data, identity, devices, networks, applications and workloads. The new Zero Trust security capabilities have been tested and validated on an AWS Snowball Edge and AWS Snow Family device with on-board storage and compute power for select Amazon Web Services (AWS) capabilities. AWS Snowball Edge can support local processing and edge-computing workloads in addition to transferring data between a user’s local environment and AWS. SAIC has brought together the best-in-class tools to deliver a mission-ready Zero Trust Edge capabilities that provides multi-level secure data processing and analytics and prioritizes data in a DDIL environment to transport back to the cloud, said Lauren Knausenberger, chief innovation officer at SAIC. This provides warfighters with a critical capability to extend their enterprise OCONUS, with the ability to run disconnected ops and rapidly adopt technologies and capabilities needed for mission success. This capability has the potential to be a critical enabler for Combined Joint All-Domain Command and Control (JADC2), with the ability to deploy at forward operating bases, on air platforms and at sea. Through the combined efforts of AWS; SAIC; Koverse, an SAIC company; Okta; CrowdStrike; Zscaler and Splunk, ready-to-install cybersecurity and Zero Trust technologies combine data and provide multi-level security from the edge through the enterprise. This capability meets the challenges of Wide Area Network (WAN) or no WAN connectivity by enabling offline compute capabilities and replicates mission-critical data after connectivity is restored. These components of software and hardware allow the capabilities to address the five pillars of the Zero Trust Maturity Model and therefore help increase cybersecurity posture at the edge. SAIC is an industry leader in cloud and cybersecurity, addressing Zero Trust security capabilities, including the latest capabilities which have been validated and tested on an AWS Snowball Edge device.

Read More

Software Security

Palo Alto Joins Telstra as the First Sole Cyber Security Vendor

Palo Alto | September 22, 2023

Palo Alto Networks has announced a strategic partnership with the largest telecommunications company in Australia, Telstra. This signifies Palo Alto Networks' commitment to delivering an expanded portfolio of cybersecurity solutions and services to meet the needs of Telstra's extensive business clientele. The partnership strengthens the existing 10-year relationship between Palo Alto Networks and Telstra. Palo Alto Networks, a global cybersecurity company, has announced teaming up with Telstra, Australia's largest telecommunications company, to offer an enhanced range of cybersecurity solutions and services to Telstra's business clients both in Australia and around the world. This collaboration marks a significant milestone, as Palo Alto Networks becomes the first dedicated cybersecurity company to be recognized as a technology alliance partner for Telstra's enterprise customer segment. Telstra serves customers in over 200 countries and territories. Telstra's technology alliance partners collaborate to create and provide comprehensive services encompassing connectivity, voice, and professional services. These services are designed to assist businesses of all sizes in addressing their challenges and capitalizing on opportunities. Regional Vice President for Australia and New Zealand of Palo Alto Networks, Steve Manley, stated, This new alliance with Telstra reinforces Palo Alto Networks’ position in the Australian market as the leading cyber security vendor to leading telecommunications carrier in Australia. It also reinforces our increased commitment to offering industry-leading joint solutions with one of the country’s most trusted managed service providers. Together, Palo Alto Networks and Telstra will collaborate to offer businesses with best-of-breed cyber security solutions to help keep them safe in a rapidly changing market landscape. [Source – Web Wire] This new partnership further solidifies the long-standing 10-year relationship between Palo Alto Networks and Telstra. It also builds upon previous agreements that expanded Telstra's SecureEdge portfolio with offerings like SecureEdge Cloud for business clients and Sovereign SecureEdge for the Australian government and agencies, both powered by Palo Alto Networks' advanced cloud-based security services. David Burns, Enterprise Group Executive at Telstra, said, Cyber security has become one of the top concerns among businesses worldwide, including here in Australia, and especially in the wake of a no. of high-profile cyber breaches. We’re now seeing the industrialization of cybercrime and the scale of threat continues to evolve and grow. As a result, we all need to be constantly changing, adapting, and looking at new technologies that can assist protect us and our customers’ data. As a leading provider of network, managed, and professional services, this new alliance between Telstra and Palo Alto Networks further boosts our capabilities to help customers protect their organizations and data from evolving cyber threats. [Source – Web Wire]

Read More

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More