Author: Ketan Nilangekar

Much has been reported, blogged and pod-casted about the recent high-profile cyber security events surrounding Solarwinds. However, for many including myself, there has been a sense of foreboding about such an event for some time now, given the state of third party security. The response from the stakeholders indicate that while this event is still […]

  • Posted in Uncategorized
  • Comments Off on Third party and supply chain security – a different approach
  • Posted in Uncategorized
  • Comments Off on Webinar: Proactive ransomware prevention through better cyber hygiene
  • Posted in Uncategorized
  • Comments Off on APJ Webinar: Eliminate your vulnerability backlog using AI driven prioritization

“An ounce of prevention is better than a pound of cure”. Whatever way you quote this age-old adage, its hard to argue against it. So it goes in the cyber security context as well – preventing cyber threats is always going to be better than curing them. For more than a decade now, we have […]

  • Posted in Uncategorized
  • Comments Off on REvil / Sodinokibi: A case for better proactive cyber security
  • Posted in Uncategorized
  • Comments Off on Webinar: Eliminate your vulnerability backlog using AI driven prioritization

Data Science and commercially available AI/ML implementations now make it possible to predict whether a vulnerability can be weaponized into malware. This could be a critical moment in cybersecurity as it allows vulnerability management to be truly proactive and reduces the remediation workload. But why bother with this? And even if we did, how could […]

Twigs is an essential tool for devops security to ensure that your open source dependencies are evaluated and tracked for vulnerabilities. As described in the earlier blog article – Getting started with twigs, one of the discovery modes supported by twigs is the discovery of open source dependencies as assets using the ‘repo’ mode. In this […]

  • Posted in Uncategorized
  • Comments Off on Discovering your open source dependencies using twigs

Introduction The bedrock of asset discovery in ThreatWatch is ‘twigs’ (short for ThreatWatch Inventory Gathering Script). twigs is a python based open source utility script maintained by ThreatWatch. twigs aims to provide a simple extensible interface to all types of assets and asset management systems in order to discover the metadata required by ThreatWatch to […]

Starting this month, Java 8 users will have to make a choice. Pay a minimum of $40 for support and security updates or continue to use Java 8 with no security updates or fixes. Users will also not have access to a number of APIs like Java Web Start and Java Applets which will be […]

  • Posted in Uncategorized
  • Comments Off on The Java paywall is here

The rationale behind network firewalls was simple: build a moat around the castle to keep out the bad guys and allow only the people you trust, in over the moat. Essentially, protect your internal network from the big bad internet by selectively allowing or disallowing traffic between the two. Perimeter security relies on a set […]

  • Posted in Uncategorized
  • Comments Off on The myth of perimeter security