Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Brandon Smith discusses some of the challenges an Automation Engineer face, Bitsight's partnership with Schneider Electric, and what manufacturers in general are doing to tackle ICS security.
Some practical examples of how Bitsight customers are finding quick wins with Trust Management Hub an effective governance, risk, and compliance (GRC) program.
This is a continuation of the series on web application security where we dive into cookie dynamics.
Bitsight’s visibility over infostealer malware which exfiltrates over Telegram suggests that the most infected countries are the USA, Turkey, and Russia, followed by India and Germany.
We commissioned Forrester Consulting to conduct a 2024 Total Economic Impact™(TEI) Of Bitsight study. Explore research on the financial impact that a typical organization can achieve with Bitsight.
This blog starts with the basics as part of a series regarding operational security, such as web application headers and defenses against attacks such as cross-site scripting (XSS), cross-site request forgery (CSRF), and vulnerabilities in included libraries.
How Bitsight leadership has set up and run a workable AI Council balancing innovation through the use of AI with being a cybersecurity risk management firm.
Our response to CVEs within the CUPS printing system, where several critical vulnerabilities were identified.
Recent investigation by Bitsight TRACE has discovered multiple critical 0-day vulnerabilities across six ATG systems from five different vendors.
In this Q&A, CNCS shares valuable insights into the challenges, requirements, and best practices surrounding NIS2 compliance.
I’ve had a number of requests to examine the finance sector in more detail including breakdowns of exactly what kind of financial organizations are experiencing greater risk and who is remediating more quickly. Here's some answers.
We dive deeper into a specific area where asset attribution can be particularly nuanced: assessing service providers’ security posture.
Want to know about Yet Another Vulnerability Scoring System (YASS)? Ben Edwards breaks down Stakeholder Specific Vulnerability Categorization and how to make it work.
Security ratings, or cyber security ratings, are a data-driven, objective and dynamic measurement of an organization’s security performance. Thousands of organizations around the world use Bitsight Security Ratings as a tool to address a variety of critical, interconnected internal and external use cases at scale in order to enable more effective decision making throughout the global business ecosystem.
An in-depth look into Web Application Security, and Bitsight's approach to related security metrics.