Recently, vendors of security rating services have added attack surface analysis services to their commercial offerings. These offerings are not based on newly developed products but rather on the positioning of their existing solutions for a new use case. However, the attempt to apply such solutions to the analysis of external attack surface risks is not only wrong but also dangerous. Security rating services are simply not built for purpose and as a result, leave organizations with risky blind spots.
Reposify’s External Attack Surface Management VS. Security Rating Services
Topics: "Attack Surface Management", "Security Risk Assessment", security risk ratings
PCI compliance alone will not prevent the next breach
Back in 2004, the Financial giants Visa, American Express, Discover Financial Services, and JCB International together with the Security Standard Council formed the PCI DSS (Payment Card Industry Data Security Standard). The PCI DSS is a set of security standards including 12 requirements for protecting cardholder data and maintaining a safe and secure payment ecosystem.
Topics: PCI DSS
SSL certificates grant authentication to your websites or domains and are critical for ensuring a proper encrypting of Internet traffic and verifying servers’ identity. Without these certificates, end users will have no way of knowing if the website they are currently browsing is who it claims it is.
Topics: "Attack Surface Management", Expired SSL Certificates
SolarWinds' Attack - Exposed Orion PlatformS are Still Out There
The SolarWinds supply chain attack is one of the most sophisticated cyber attacks the world has witnessed in recent years.
Topics: "Remote Work", "Attack Surface Management", "Security Risk Assessment", SolarWind, Orion Platform, Supply chain attack
Topics: "risk assessment", "Attack Surface Management", "Shadow IT", Attack Surface, cyber risk management, IT RISK ASSESSMENT
Topics: "risk assessment", "Attack Surface Management", "Shadow IT", Attack Surface, cyber risk management, IT RISK ASSESSMENT
Topics: "risk assessment", "Attack Surface Management", "Shadow IT", Attack Surface, cyber risk management, IT RISK ASSESSMENT
Topics: "Attack Surface Management", Cloud storage, Attack Surface, cyber risk management
How to reduce Shadow IT with engaging awareness training
We set down with Kfir Tzukrel, CISO at Direct Finance for a chat about the risks of Shadow IT and how to make cyber security awareness training engaging and fun.
Topics: "risk assessment", "IT Security Audits", "Attack Surface Management", shadow it risks, Attack Surface
How to stay on top of your ever-changing Attack Surface
"Truly understanding the full scope of the business and its risks is a huge challenge. its constantly changing and you need to react quickly."
Topics: "risk assessment", "IT Security Audits", "Attack Surface Management", Attack Surface