“When we’re doing threat modeling, we have some sense that these are the known vulnerabilities that we are modeling against and here’s where we think we are weak, and that kind of goes away with chaining multiple vulnerabilities,” Jim Reavis, CEO and co-founder of Cloud Security Alliance (CSA) told attendees. “CVSS scoring, it seems like that’s not super relevant anymore.”
Jon Yeoh, chief scientific officer at CSA, agreed, touching on the “son of Mythos” threat as well.
The problem was never detection For the last decade, the security industry has focused on detection. The emphasis has been on generating more alerts, improving…
The three join Anthropic and OpenAI, which signed similar agreements almost two years ago during the Biden administration, when CAISI was known as the US…
Hackers exploit unpatched instances While a patch has been available for months, a recent VulnCheck finding places the first in-the-wild exploitation on April 6. Caitlin…
“This is the absolute worst-case scenario,” he added. “Because of how vital this platform is to large enterprises, threat actors will be aggressively scanning for…
The latter is the case for Jamie Norton, vice chair of the ISACA board. “As a long-term member, I had reached a stage in my…
The attack follows a series of supply chain attacks that impacted multiple open-source projects across different package repositories over the past several weeks, most of…
