UpGuard
BreachSight: an Engine for Securing Data Leaks
This post was originally published here by UpGuard. When we began building a Cyber Risk Research team at UpGuard, we knew there were unavoidable risks. We would be finding and publishing reports on sensitive, exposed data in order to stanch the flow of such private information onto the public internet. It seemed likely the entities […]
Vendor Risk: The Hidden Challenge of GDPR Compliance
This post was originally published here by UpGuard. The European Union’s GDPR regulations go into effect in May of this year. In essence, GDPR is a strict data privacy code that holds companies responsible for securing the data they store and process. Although GDPR was approved in April 2016, companies affected by the regulations are still struggling […]
Portfolio Management with CyberRisk Labels
.This post was originally published here by UpGuard. One of the challenges in mitigating third-party risk is effectively managing large portfolios of vendors. Business often have hundreds or thousands of suppliers, each used differently, presenting different kinds of information security risks. To solve this problem, CyberRisk uses a common pattern found in email clients and […]
How UpGuard Monitors Linux Systems for Meltdown and Spectre
This post was originally published here by UpGuard. Meltdown/Spectre Overview Meltdown and Spectre are critical vulnerabilities affecting a large swathe of processors: “effectively every [Intel] processor since 1995 (except Intel Itanium and Intel Atom before 2013),” as meltdownattack.com puts it. ARM and AMD processors are susceptible to portions of Meltdown, though much less at risk than the affected Intel […]
Minimizing Cyber Risk in Microsoft Environments
This post was originally published here by UpGuard. Microsoft’s enterprise software powers the majority of large environments. Though often hybridized with open source solutions and third party offerings, the core components of Windows Server, Exchange, and SQL Server form the foundation of many organizations’ data centers. Despite their prevalence in the enterprise, Microsoft systems have […]
Inside the Security Ratings for the Riskiest Government Contractors
This post was originally published here by UpGuard. The government of the Unites States of America is perhaps the largest target on Earth for cyber attacks. The US has plenty of enemies, a track record of perpetrating cyber warfare and espionage (even upon its allies), numerous recent instances of susceptibility to such attacks, countless official […]
Securing GitHub Permissions with UpGuard
This post was originally published here. GitHub is a popular online code repository used by over 26 million people across the world for personal and enterprise uses. GitHub offers a way for people to collaborate on a distributed code base with powerful versioning, merging, and branching features. GitHub has become a common way to outsource the […]
What Constitutes a Company’s Web Presence?
This post was originally published here by UpGuard. Introduction The Internet Footprint There is much more to a company’s internet presence than just a website. Even a single website has multiple facets that operate under the surface to provide the functionality users have become accustomed to. The internet footprint for every company comprises all of their websites, […]
Security Ratings Explained:The Problem of Digitization
This post was originally published here by UpGuard. The digitization of business has increased the speed of commerce, the scope of customers, the understanding of consumer habits, and the efficiency of operations across the board. It has also increased the risk surface of business, creating new dangers and obstacles for the business itself, not just […]
Resilience in the Age of Automated Hacking
This post was originally published here . When we think about cyber attacks, we usually think about the malicious actors behind the attacks, the people who profit or gain from exploiting digital vulnerabilities and trafficking sensitive data. In doing so, we can make the mistake of ascribing the same humanity to their methods, thinking of […]
