Situational awareness in cybersecurity is hard! And poor situational awareness can be disastrous in cybersecurity. For a CISO, it could mean missing acting on a critical gap in the security program, leading to a data breach that damages the company’s reputation and incurs massive fines. For a Director of Security Operations, it could result in …

Read More

The post Seeing the Unseen: How Generative AI Elevates Situational Awareness in Cybersecurity appeared first on Security Boulevard.

NIST CSF 1.1 to 2.0 is a significant update reflecting an inclusive and responsive approach to risk management. The most recent public draft of NIST CSF 2.0 includes expanded guidance and adds a sixth function, ‘Govern,’ to aid organizations in reducing cybersecurity risk. The NIST CSF 2.0 public draft aligns with feedback from Fortune 500 …

Read More

The post NIST CSF 2.0: The Journey so Far and What’s Ahead appeared first on Security Boulevard.

Consider the Rubik’s Cube: it has 6 sides and 54 colored tiles, yet is maddeningly difficult to solve – a fact I learnt the hard way by spending untold hours as a kid. You know all of the elements are there in front of you, but it can be complicated to get those colors in …

Read More

The post Product Announcement: Elevate Your Application Security with Balbix AppSec appeared first on Security Boulevard.

What is CISA Directive BOD 23-01? In October 2022, the US Cybersecurity and Infrastructure Security Agency (CISA), which is a part of the United States Department of Homeland Security (DHS), issued a new directive called BOD 23-01. This directive, titled “Improving Asset Visibility and Vulnerability Detection on Federal Networks”, requires that all US federal civilian …

Read More

The post 3 Ways Balbix can help operationalize CISA BOD 23-01 appeared first on Security Boulevard.

Alexander the Great is unquestionably one of the most famous military commanders in history. His victories are legendary. His ability to conquer cities and states more than 3,000 miles across the globe in a span of just 13 years is attributed to the advanced tactics that his military, the Macedonian army, would deploy during battle. …

Read More

The post Product Announcement: Operationalizing the MITRE ATT&CK Framework for use in Vulnerability Management appeared first on Security Boulevard.

As 2021 turned to 2022, the internet was on fire. Organizations around the world began identifying and remediating recently discovered Log4j vulnerabilities. Many of our customers, including a Fortune 100 company, contacted us for urgent assistance. Fortunately, we were in a position to help. We had the ability to produce a software bill of materials …

Read More

The post Product Announcement: Yes, You Can Have a Software Bill of Materials (SBOM)! appeared first on Security Boulevard.

When you drive a car, you can look through your windshield to see the road ahead. With this visibility, it’s easy to anticipate slowdowns and see where you need to make your next turn. This is a lot harder if you drive in reverse, as the view is fragmented across your side and rear-view mirrors. …

Read More

The post Balbix’s Role-Based Dashboards: Reduce Risk at High Velocity appeared first on Security Boulevard.

The cover of Verizon’s Data Breach Investigation Report 2022  depicts an empty, and unguarded, server room, an image eerily similar to the cover of the inaugural edition. This is the stark reality of the state of cybersecurity: despite all the advances in technology over the past 15 years, assets and data remain vulnerable to cyber …

Read More

The post Announcing Cybersecurity Posture Automation for GCP and Multi-Cloud Environments appeared first on Security Boulevard.

What is CISA Directive BOD 22-01? In November 2021, the US Cybersecurity and Infrastructure Security Agency (CISA), an agency of the United States Department of Homeland Security (DHS), issued a new binding operational directive, BOD 22-01. The directive, titled “Reducing the Significant Risk of Known Exploited Vulnerabilities”, encourages federal agencies and public and private sector …

Read More

The post Analyzing CISA Known Exploited Vulnerabilities with Business Context appeared first on Security Boulevard.

I recently read an engrossing book – “The Wisdom of Wolves: Lessons From the Sawtooth Pack”. The book is written by a couple who coexisted closely with a pack of wolves over a span of 6 years. The authors reflect on the numerous “human-like” virtues they observed while living as a part of wolf society. …

Read More

The post The Why, What and How of Vulnerability Risk Acceptance appeared first on Security Boulevard.