Help Net Security

AuditBoard announced new AI-powered audit capabilities, further integrating AI into the product, boosting efficiency, and enabling auditors to focus on more strategic tasks. Internal audit teams are increasingly integrating AI into their work according to the Internal Audit Foundation’s 2025 North American Pulse of Internal Audit report, which found that four in 10 respondents are already using generative AI for internal audit activities, with 65% of respondents planning to increase generative AI involvement. AuditBoard’s new … More →

The post AuditBoard unveils AI-powered audit capabilities appeared first on Help Net Security.

Alloy launched Fraud Attack Radar, a machine learning-powered solution that provides financial institutions (FIs) and fintechs with actionable intelligence on fraud threats targeting new account creation. The new solution helps organizations address rising fraud risks by alerting in real-time when a suspected fraud attack is happening, with actionable insights in the Alloy platform to contain, triage and investigate threats, giving FIs the ability to proactively fight fraud without impeding growth. According to Alloy’s 2025 State … More →

The post Alloy Fraud Attack Radar provides intelligence on fraud threats appeared first on Help Net Security.

Rambus announced its next-generation CryptoManager Security IP solutions including Root of Trust, Hub and Core families. The CryptoManager Security IP offerings deliver progressively higher levels of functional integration and security, enabling customers to choose the level of security features and capabilities best suited to their unique requirements. The CryptoManager Root of Trust delivers a fully-turnkey solution and offers a Quantum Safe boot flow. The CryptoManager Hub provides the ideal combination of proven cryptographic building blocks … More →

The post Rambus introduces CryptoManager Security IP solutions appeared first on Help Net Security.

CISOs face mounting pressure to spend wisely on security. Yet, many organizations remain vulnerable due to misplaced priorities and inefficient budgeting. This article explores common pitfalls and offers strategies to strengthen cybersecurity. Recent data highlights a paradox: while cybersecurity budgets rise, security incidents continue unabated. A survey by the Ponemon Institute revealed a 59% increase in cyber budgets year-over-year, yet 61% of organizations experienced a data breach or cybersecurity incident in the past two years. … More →

The post Smart cybersecurity spending and how CISOs can invest where it matters appeared first on Help Net Security.

The global transition to remote work has reshaped traditional workplace dynamics, introducing challenges and opportunities for cybersecurity teams. For CISOs and security professionals, embracing a remote workforce can be a strategic advantage, enhancing team capabilities and driving the modernization of security practices. Specialized security positions For CISOs struggling to fill highly specialized cybersecurity roles, remote work provides a critical advantage: access to a global talent marketplace where niche expertise is more readily available. Instead of … More →

The post How remote work strengthens cybersecurity teams appeared first on Help Net Security.

Application Security Engineer Tipalti | Israel | On-site – View job details As an Application Security Engineer, you will conduct application security assessments, including architecture design reviews and threat modeling. Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development. Design, build, and implement advanced application security solutions. Lead security audits, vulnerability assessments, and code reviews. CISO Datastream Digital | Brunei | On-site – View job details … More →

The post Cybersecurity jobs available right now: March 11, 2025 appeared first on Help Net Security.

The Cybersecurity Trinity provides a comprehensive approach to modern cybersecurity by integrating AI, automation, and active cyber defense (ACD) into a unified strategy. Instead of addressing these elements in isolation, the author demonstrates how they work together to enhance security effectiveness, offering a practical and actionable framework grounded in the NIST Cybersecurity Framework. About the author Donnie Wendt, an adjunct professor of cybersecurity at Utica University, brings over 30 years of hands-on experience in cybersecurity, … More →

The post Review: The Cybersecurity Trinity appeared first on Help Net Security.

Pondurance announced a major new version of its cybersecurity platform. Pondurance Platform 2.0 provides the foundation for Pondurance’s risk-based MDR service specifically designed to eliminate breach risks. With this announcement, Pondurance arms customers with the latest monitoring, detection, and response capabilities through a new platform that encompasses everything organizations entrusted with personal customer information need to protect themselves from breach risks. This unified portal enables them to detect, respond to, and remediate cyber threats in … More →

The post Pondurance Platform 2.0 identifies data breach risks appeared first on Help Net Security.

Detectify announced Alfred, a system that uses AI to completely autonomously source, prioritize, and generate high-fidelity security tests for the CVEs that are most likely to be exploited. This innovation allows Detectify to continuously and dynamically deliver security research to AppSec teams with speed and coverage, uniting the automation of human ingenuity from the Detectify Crowdsource community of ethical hackers with the powerful capabilities of AI Research. With more than 100 new CVEs published daily … More →

The post Detectify Alfred helps security teams collect threat intelligence appeared first on Help Net Security.

SimSpace launched Stack Optimizer, designed to help organizations evaluate, test, and optimize their security and IT infrastructure. By leveraging SimSpace’s realistic simulated environments, organizations can perform comprehensive security performance benchmarking, validate detection engineering strategies, optimize operational workflows, and validate compliance readiness—enhancing overall cyber resilience and IT efficiency. Redefining security & it performance optimization Stack Optimizer provides a real-world testing environment, allowing organizations to measure their security technologies against simulated threats and operational stress tests. This … More →

The post SimSpace Stack Optimizer allows organizations to measure their security technologies appeared first on Help Net Security.

The February Patch Tuesday updates and activity during the month marked a return to normalcy for patch management. Following the January updates addressing 100+ vulnerabilities, we saw 37 CVEs fixed in Windows 11 and 33 CVEs in Windows 10. This was rounded out by 8 CVEs addressed in the Office 365 online versions and Office 2016 in standalone form. Microsoft made a few announcements and fixes in the last month you should be aware of. … More →

The post March 2025 Patch Tuesday forecast: A return to normalcy appeared first on Help Net Security.

Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of features for HTTP interception, analysis, and manipulation. Features MITM HTTP proxy – Capture and inspect traffic with advanced logging and search capabilities. HTTP client – Manually create, edit, and replay requests for detailed testing. … More →

The post Hetty: Open-source HTTP toolkit for security research appeared first on Help Net Security.

Every year, millions of old tech are thrown away due to age, malfunctions, or to make way for new ones, which creates security risks related to the data on these devices. The data can often still be recovered if devices are erased without proper tools and procedures. Here’s why securely disposing of old tech is crucial. Old devices may still contain: Saved passwords and login credentials Banking and credit card information Personal photos, emails, and … More →

The post How to safely dispose of old tech without leaving a security risk appeared first on Help Net Security.

In this Help Net Security video, Fran Rosch, CEO at Imprivata, discusses organizations’ challenges in securing third-party access and offers valuable insights on how businesses can address these risks effectively. A recent report conducted by the Ponemon Institute, “The State of Third-Party Access in Cybersecurity,” found that third-party data breaches have severe consequences across critical sectors, with data theft and loss posing the greatest risk. Healthcare is the most affected, with 60% of breaches leading … More →

The post Who’s in your digital house? The truth about third-party access appeared first on Help Net Security.

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How QR code attacks work and how to protect yourself While QR codes are convenient, they also present significant risks. In the past few years, cybercriminals have increasingly turned to these codes as a tool to carry out scams. The CISO’s bookshelf: 10 must-reads for security leaders Discover essential reads for CISOs in this curated list of books covering cybersecurity … More →

The post Week in review: How QR code attacks work and how to protect yourself, 10 must-reads for CISOs appeared first on Help Net Security.

Storage fees in general (e.g., API calls, operations, data access) comprise 49% of an average user’s service bill, compared to the actual stored capacity, according to a study conducted by Vanson Bourne. Nearly all organizations globally have experienced data security-related benefits from public cloud storage. The top security benefits are: Improved data security capabilities compared to the previous environment. Easier prevention/mitigation of unplanned data loss events. Cloud storage costs continue to soar Storage fee vs. … More →

The post Cloud security gains overshadowed by soaring storage fees appeared first on Help Net Security.

Armis has acquired OTORIO, a provider of OT/ ICS cyber security solutions. This accelerates Armis’ roll out of an on premise version of its Cyber Exposure Management platform, Armis Centrix and cements its leadership in cyber physical systems (CPS) security. Armis will fully integrate OTORIO’s Titan platform into Armis Centrix, delivering a single, comprehensive solution for critical infrastructure, manufacturing and industrial environments: Armis Centrix for OT/IoT Security (On-Prem) ensures robust, localised protection for air-gapped or … More →

The post Armis acquires OTORIO to strenghten OT and IoT security appeared first on Help Net Security.

Traditional training often lacks the hands-on experience cybersecurity teams need to counter advanced threats. AI-powered gamified simulations combine artificial intelligence with interactive learning to enhance their skills. Conventional cybersecurity training programs frequently rely on static content, which can become outdated. These programs may also lack the engagement necessary to maintain participant interest, leading to suboptimal retention of critical skills. In contrast, gamified simulations introduce dynamic, scenario-based learning environments that mirror real-world cyber threats, fostering more … More →

The post Can AI-powered gamified simulations help cybersecurity teams keep up? appeared first on Help Net Security.

In this Help Net Security video, John Grancarich, Fortra’s Chief Strategy Officer, discusses the 2025 Fortra State of Cybersecurity Survey and highlights escalating concerns among security professionals about AI-driven threats and a shortage of cybersecurity skills. The survey reveals that 83% of organizations identify phishing and smishing as top security risks, with 50% expressing increased unease over evolving technologies like generative AI. To combat these challenges, 77% of respondents plan to focus on identifying and … More →

The post AI threats and workforce shortages put pressure on security leaders appeared first on Help Net Security.

Here’s a look at the most interesting products from the past week, featuring releases from Outpost24, Palo Alto Networks, Red Canary, and Sonatype. Outpost24 introduces CyberFlex to streamline attack surface management and pen testing Outpost24 has launched Outpost24 CyberFlex, a comprehensive application security solution that combines Attack Surface Management (ASM) and Penetration Testing as a Service (PTaaS) to manage and secure an organization’s external-facing applications, and deliver enhanced visibility in a flexible and agile way. … More →

The post New infosec products of the week: March 7, 2025 appeared first on Help Net Security.