Finding and verifying all of a company’s web assets across the entire internet is a massive undertaking. You essentially need to filter the whole internet and try to pick out what is relevant, and then set about detecting the risks – or even potential risks – within what you have found. This isn’t a process that can be managed manually. The staff-hours alone would make this hugely prohibitive, and that’s without taking into account the potential margin for error. Instead, it requires a different approach, one based around automation. In this editorial, Cybersprint's Lead Data Science & Analytics, Willem van Zwieten, explains how algorithms and automation helps your organisation stay secure.
read moreEditorial: Automated hacking
by Robert Krenn // 21-12-2021
Let me start by pointing out that automated hacking is not a new problem, it has been around for some time. However, with companies’ attack surfaces becoming increasingly sprawling and complex, and with hacks getting more advanced, it is becoming a much more pressing problem for organisations. Read the editorial below, or click the download button to open the PDF in a new window.
read moreEditorial: 6 steps to achieving zero shadow IT
by Pieter Jansen // 17-11-2021
Shadow IT has long been a problem for organisations. Formal IT is routed through the IT department, where it’s approved, purchased, set up, and, importantly, supported and maintained. Shadow IT falls outside this process, and is normally split into two categories: / Systems that the IT department doesn’t know about. / Systems the IT department knows about but needs to keep running as they are integral to business operations. The second category is the real Shadow IT and the biggest problem for businesses. So how can you protect your business from the perils of shadow IT? Here are Pieter's six steps.
read moreEditorial: Why API Security might be the next big thing
by Eward Driehuis // 29-04-2021
API security is one of those essential elements, as it’s rooted in so many processes. Yet, it’s still easily overlooked. API security needs a second component to be effective. In this insight, I will outline what that is and why you need it.
read moreEditorial: Exchange CVEs: The Response Plan Gap
by Eward Driehuis // 30-03-2021
It’s been two weeks since Microsoft released a patch for the Exchange vulnerabilities. For many, the dust has settled. Others are still fighting fires. Today, I’d like to look back at some of the problems we saw. Some were expected, other surprised us. I’ll go over them, and give tips on how these problems can be avoided in the future.
read moreEditorial: Supply chain attacks
by Eward Driehuis // 11-03-2021
Today, supply chain attacks are as abundant as they are elusive. However, as many parties communicate about the dangers and their technical solutions, not much is said about the basics of supply chains attacks. I have written this article based on my personal experiences knowledge on the subject. I hope it answers most of your questions about the topic, so that you have a solid basis to expand your supply chain security from.
read more