cisa
Imperva and the Secure by Design Pledge: A Commitment to Cybersecurity Excellence
The Cybersecurity and Infrastructure Security Agency (CISA) has introduced a voluntary “Secure by Design Pledge” for enterprise software manufacturers, focusing on improving the security of their products and services. This pledge outlines ...
CISA Director Easterly to Leave When Trump Assumes Presidency
Jen Easterly, who took over as CISA director in 2021, will step down in January when Donald Trump takes over as president, creating an uncertain future for the critical cybersecurity agency and ...
Zero-Day Exploits Surge in 2023, Cisco, Fortinet Vulnerabilities Targeted
A report from the Five Eyes cybersecurity alliance, released by the CISA, highlights the majority of the most exploited vulnerabilities last year were initially zero-day flaws, a significant increase compared to 2022 ...
MixMode Observes Increase in Threat Actor Activity Supporting CISA’s Heightened Election Security Concerns
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint statement with the Office of the Director of National Intelligence (ODNI) and the Federal Bureau of Investigation (FBI), highlighting the ongoing ...
Empowering Software Buyers Through Secure-by-Demand Guidelines
Interview by Deb Radcliff, editor of TalkSecure, hosted by CodeSecure and syndicated at YouTube, Bright Talk, and Security Boulevard Recently, the Cybersecurity and Infrastructure Security Agency (CISA) released its Secure by Demand ...
CISA Strategic Plan Targets Global Cooperation on Cybersecurity
The Cybersecurity and Infrastructure Security Agency (CISA) introduced its inaugural international strategic plan, a roadmap for strengthening global partnerships against cyber threats ...
EU CRA: Good Intentions, Impossible Requirements
As the European Union’s Cyber Resilience Act (EU CRA) prepares to publish a final draft, product manufacturers with any “digital” component must comply three years after final publication. If passed, the EU ...
Response to CISA Advisory (AA24-290A): Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-290A), published on October 16, 2024. The advisory highlights that since October 2023, Iranian cyber actors have used password ...
US and Other Countries Outline Principles for Securing OT
US security agencies and international counterparts list six principles critical infrastructure organizations should hold onto to ensure their OT environments are protected against the rising tide of cyberthreats coming their way ...
CISA and FBI Issue Alert on XSS Vulnerabilities
Cross-site scripting (XSS) vulnerabilities continue to be a major concern in today’s software landscape, despite being preventable. CISA and FBI have issued a Secure by Design alert to reduce the prevalence of ...
