Attack surface management

Most Recent

Related events

Ransomware

We can – and must – do better recovering from ransomware attacks

Trevor DearingMarch 20, 2025

Companies need to shift the focus from ransomware prevention to recovery.

Vulnerability Management

Penetration Tests: useful, pointless, harmful, required, ineffective? – Phillip Wylie – ESW #398

March 16, 2025

Penetration tests are probably the most common and recognized cybersecurity consulting services. Nearly every business above a certain size has had at least one pentest by an external firm. Here's the thing, though - the average ransomware attack looks an awful lot like the bog standard pentest we've all been purchasing or delivering for years. Yet...

Computer screen showing red ransomware warning message in home o

Attack surface management

Seed funding secures $3.2M for ThreatMate

SC StaffFebruary 10, 2025

Aside from integrating analytics and continuous monitoring to improve MSP management of customers' accounts, ThreatMate's solution has been touted to enable automated penetration testing, cybersecurity audits, risk scoring, asset discovery, and dark web tracking to facilitate less complex and costly security, compared with typical enterprise security platforms.

Application security

PyPI’s Quarantine, Phishing & Awareness, Porting Fishshell to Rust, Cyber Trust Mark – ASW #313

January 14, 2025

Design lessons from PyPI's Quarantine capability, effective ways for appsec to approach phishing, why fishshell is moving to Rust component by component (and why that's a good thing!), what behaviors the Cyber Trust Mark might influence, and more!

Threat Intelligence

How threat-informed defense benefits each security team member – Frank Duff – ESW #389

January 12, 2025

We're thrilled to have Frank Duff on to discuss threat-informed defense. As one of the MITRE folks that helped create MITRE ATT&CK and ATT&CK evaluations, Frank has been working on how best to define and communicate attack language for many years now. The company he founded, Tidal Cyber is in a unique position to both leverage what MITRE has built ...

Automated penetration testing

Critical Rockwell PowerMonitor flaws addressed

SC StaffDecember 23, 2024

SecurityWeek reports that Rockwell Automation has issued fixes for a trio of critical flaws impacting Allen-Bradley PowerMonitor 1000 instances, which could be leveraged to infiltrate and disrupt industrial systems.

Active Directory

Semperis HIP conference Day One: Microsoft mea culpa, a call for cybersecurity coalitions

Paul WagenseilNovember 14, 2024

Semperis’ Hybrid Identity show kicks off with a Microsoft mea culpa, hospital war games and an appeal for a coalition of the willing among cyber defenders.

AI/ML

Immersive Labs launches cybersecurity crisis simulator

SC StaffNovember 13, 2024

Using simple prompts, the AI-powered tool generates tailored scenarios that address varied cyberattack types such as ransomware and supply chain threats, enabling security teams to prepare for specific threat actors and industry-related risks.

Attack surface management

Related events

Attack Surface Management: Continuous discovery, external attack paths

Salesforce security in a shared responsibility world: Eliminating misconfigurations and drift before they become breaches

Attack Surface Management: Continuous discovery, external attack paths

We can – and must – do better recovering from ransomware attacks

Penetration Tests: useful, pointless, harmful, required, ineffective? – Phillip Wylie – ESW #398

Seed funding secures $3.2M for ThreatMate

PyPI’s Quarantine, Phishing & Awareness, Porting Fishshell to Rust, Cyber Trust Mark – ASW #313

How threat-informed defense benefits each security team member – Frank Duff – ESW #389

Critical Rockwell PowerMonitor flaws addressed

Semperis HIP conference Day One: Microsoft mea culpa, a call for cybersecurity coalitions

Immersive Labs launches cybersecurity crisis simulator

Fast Five

Selected by the SC Media Editorial team every Tuesday.