Shadow SaaS: What Every CISO Needs To Know
Shadow SaaS: What Every CISO Needs To Know January 12, 2024 What is Shadow SaaS The “Shadow SaaS” problem refers to the unauthorized use of Software-as-a-Service (SaaS) applications within an organization without the knowledge or approval of the IT department or management. This typically occurs when employees use external cloud-based services to fulfill their work-related […]
Next Gen Secure web gateway “without the web gateway”
Next Gen Secure web gateway “without the web gateway” January 27, 2024 Better security with No extra latency, No hair-pinning, No expensive cloud infrastructure There are more than 65000 SaaS applications in the world and the number is growing rapidly. Every company uses anywhere from 50 to few hundreds SaaS applications for finance, accounting, software […]
Rise in 3rd party risks and the security challenges, a wakeup call?
Rise in 3rd party risks and the security-challenges a wakeup call ? In mid-April 2024, Cisco Duo, a leading provider of multi-factor authentication (MFA) and single sign-on solutions, disclosed a security breach involving one of its third-party telephony providers. This provider is responsible for managing SMS and VoIP services crucial to Duo’s MFA system. The […]
DLP: A Guide to Various Approaches, Their Strengths and Limitations
DLP: A Guide to Various Approaches, Their Strengths and Limitations Data Loss Prevention is a critical compliance requirement for multiple regulations and standards that require organizations to protect sensitive information. Some of these regulations include HIPAA (Health Insurance Portability and Accountability Act) for protecting Protected Health Information (PHI), GDPR (General Data Protection Regulation) for personal […]
Scattered Spider” continues to target publicly listed US companies
“Scattered Spider” continues to target publicly listed US companies May 08, 2024 Scattered Spider is a name assigned to a cyber criminal gang who is known to conduct sophisticated phishing campaigns targeting Okta, Microsoft Entra ID or VPN credentials of their target organizations. They go by various aliases 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra. In November […]