They bypassed multi-factor authentication by exploiting OAuth tokens—proving that locking the door isn’t enough. How secure is your vault when attackers can slip in through trusted third-party apps? Dive in to see what the Salesloft/Drift breach teaches us.
https://thedefendopsdiaries.com/defending-the-vault-lessons-from-the-salesloftdrift-oauth-breach/
#oauthsecurity
#googleworkspace
#thirdpartybreach
#tokenmanagement
#cybersecurity
#infosec
#dataprotection
#assumebreach
#securityposture
Real-time vulnerability alerts are changing the game for cybersecurity—imagine getting an instant heads-up the moment a threat appears, instead of waiting on outdated updates. Ready for a new level of digital defense?
#cybersecurity
#vulnerabilityalerts
#realtimethreats
#infosec
#securityposture
Simple script to check how many sites a website is using in the "script" section of the page. My hypothesis is that a longer list is a sign of lower security posture.
Highlights the level of maturity in how the top level website for a given domain is designed. - GitHub - royans/domainrisk: Highlights the level of maturity in how the top level website for a give...
Incomplete #cybersecurity not only weakens your position against cybercriminals, it also hinders your ability to obtain #CybersecurityInsurance.
Organizations with a strong #SecurityPosture can reduce premiums and minimize the impact of potential incidents. Learn how tools like MFA, #MDR, and endpoint detection and response enhance your insurability. Read the report: https://bit.ly/4a0XCRq
Top 10 Features To Enhance Your Okta Security Posture: https://www.rezonate.io/blog/top-10-features-to-enhance-your-okta-security-posture/
Quick poll (and please vote before you read my take on this below).
Would an organization that had just been ISO27000 certified be a ????? target for an attacker (or Red Team/Pen-Test).
#RedTeam #PenTest #Attack #SecurityPosture #Value #Vote #CyberSecurity
Today's #cyberrisk is like Newton's Third Law of Motion. As networks become more complex, the risk of a #cyberattack becomes greater. @corelight_inc's own Matthew Ellison talked about this and more during his presentation at e-Crime & Cybersecurity Congress Event in the Nordics.
During his presentation "Shake the Box: Understanding Network Evidence in an Encrypted and Containerised World," Matt discussed why:
1. Network monitoring still offers defenders a compelling vantage point to mitigate #cyber risk and how it fuels #detectionandresponse
2. Network traffic is still the best evidence to support a solid #cyberdefense and #securityposture
Want to take an evidence-based approach to your #securitystrategy? Contact us for more information: https://corelight.com/solutions/why-evidence-based-security
In episode 177, we talk about Security in the Azure Well-Architected Framework.
This was a fun episode with @JussiRoine about the WAF Security pillar, and also about taking the assessment to better understand your security posture.
Don't compromise on security. Prioritize and nurture your security culture!
#azure #wellarchitected #assessment #cloudsecurity #securityposture #architecture
https://ctrlaltazure.com/episodes/177-security-in-the-azure-well-architected-framework
This is the Ctrl+Alt+Azure podcast. We talk about all things Microsoft Azure and share our experiences and thoughts on the way. Your hosts are Tobias Zimmergren and Jussi Roine.
The DefendOps Diaries
Sanjay Mohindroo
HcInfosec
Royans Tharakan
Sophos
Tedi Heriyanto
Martin Boller 
Corelight
Tobias Zimmergren