Cyber Security Risk Management - Exposing and Fixing Security Vulnerabilities

Can you believe we are already at the end of Q1 2021? Despite the pandemic and the crazy working requirements of the last 12+ months, it seems that time is still moving at a pace beyond imagination. This of course hasn’t stopped cyber criminals from finding new and creative ways to penetrate current security technologies and techniques. It should come as no surprise that your understanding of cyber security risk management and how to expose and fix security vulnerabilities will mean the difference between success and failure.

BLOG Mar 29

DevSec Training Challenges Your Organization Should Overcome

Peanut butter and jelly; cookies and milk; DevOps and Security Training… yes, these are actually all things that should go together. While most people understand the first two food references, only those of us in cybersecurity should understand the third. As the press daily heralds yet another security breach, it stands to reason that our development practices, while they may be becoming more agile, still leave open vulnerabilities exploited by attackers.

BLOG Mar 22

How To Build A Security Mindset With DevSec Training

Another 2021 New Year’s Resolution should be to take a hard look at your current software engineer training regime. Do you even have one formalized? Do you ensure your developers refresh their skills yearly and update to current best practices? Do you know what it will cost your organization if something is miscoded or a potential security hole gets coded in?

BLOG Jan 25

3 Critical 2021 New Year's Resolutions For CISOs

Since most everyone is ringing in the New Year by sheltering in place, it may provide much needed time for reflection on what is needed to ensure 2021 is better than 2020 on all fronts. While we can’t control the impact of a pandemic, those of us in the IT security space can control how we prepare for the new onslaught of cyberattacks and hacker techniques that are sure to come in 2021.

BLOG Jan 04

Wishing You A Happy, Healthy & Safe New Year

From all of us at nVisium, we would just like to extend a huge note of gratitude to all of our existing customers as well as all of our potentially new customers and partners reading this blog today.

BLOG Dec 28

Insider Threat Awareness

If you have ever traveled to a foreign country, looked for a great new restaurant or gone to the horse races for the first time, you probably looked up insider tips to help pave the way to an easier/better experience. Insider access has privilege and therefore is coveted for everything from tips on where to go, what to do and how to avoid problems. This also translates into our cyber world where insiders have access to critical IT resources that may be exploited for financial gain or even just malicious intent.

BLOG Aug 17

Development Training The Secure Way

Even the best athletes need a coach to maximize their performance, so it is not a far stretch to believe that having a development coach for your software engineering team would push them to great levels, not just in productivity and performance, but in ensuring everything developed is also secure and the likelihood of a breach by cybercriminals is minimized.

BLOG Aug 03

DDoS Attacks Demystified

Most CISOs are familiar with the 10 most common cyber-attacks including: Malware, Birthday, Eavesdropping, Cross-site scripting (XSS), SQL injection, Password, Drive-by, Phishing/Spear Phishing, Man-in-the-middle and Denial-of-Service/Distributed Denial-of-Service. The recent headlines reporting on the last in this list warrant further exploration of the subject.

BLOG Jun 29

5 Reasons To Train In DevSec

Ongoing training is mandatory to maintain and improve your skillset, period. It doesn’t make a difference if this is a world-class athlete, business executive or average employee; all will benefit from ongoing training. Unfortunately, there is one group that often gets overlooked when it comes to ongoing training and that is your developers.

BLOG Jun 08

DevSec Mentoring From Home

The failure to recognize and remediate any critical security vulnerabilities, design flaws or privacy and compliance issues across any platform can be detrimental to an organization’s productivity, profitability and reputation. This means that something is needed to ensure developers and engineers are security-savvy, utilizing leading-edge assessment and training tools with proven agility and knowledge of next generation security programs. But how do you ensure your team has the latest information relative to each programming language or development environment?

BLOG May 25