7 best practices for enterprise attack surface management


More cloud computing solutions, remote and work-from-home systems and internet-connected devices increase risk from an expanded attack surface. The best way to reduce the number of vulnerabilities is to establish a proper enterprise attack surface management program.

Proper attack surface management requires analyzing operations to discover potential vulnerabilities and understand the landscape. That information should help to develop a plan, but success depends on executing that plan across the organization’s network, systems, channels and touchpoints.

To read this article in full, please click here

Read more

Government-mandated SBOMs to throw light on software supply chain security


President Biden’s executive order (EO) on cybersecurity, released on May 12, is a sprawling and comprehensive document that aims to redress weaknesses in the digital security ecosystem. It is peppered with nearly 50 actions that the federal government must take within extraordinarily tight timeframes, signaling the urgency of the cybersecurity crisis the country faces.

Several parts of the EO seek to shore up software security. This long-overlooked and arcane topic has taken on new urgency following the SolarWinds and Microsoft Exchange software supply chain hacks.

To read this article in full, please click here

Read more

How to Prevent Breaches by Protecting Your Attack Surface

Preventing breaches begins with understanding and protecting your attack surface. For most enterprises, their attack surface is huge. To help wrangle it, security professionals have struggled for years to use tools such as network mapper (nmap) or vulnerability scanners to discover and test the security of internet-exposed assets; these typically present a path of least […]

The post How to Prevent Breaches by Protecting Your Attack Surface appeared first on Security Weekly.

Read more