ExisorWhat is Just-in-Time Access? Just-in-time (JIT) access is a privileged access management (PAM) component that orchestrates users, applications, and/or system access privileges on an as-needed basis, or for a specified duration. JIT access is practiced as part of an identity and access management (IAM) strategy that ensures the resources are available to those who need […]
What is Platform-as-a-Service? Platform-as-a-Service (PaaS) is a method of delivery in which an organization’s developers can access software and tools through the web, instead of accessing them on local machines or computing environments. A PaaS solution works by combining cloud infrastructure and software with a graphic user interface (GUI). Your cloud infrastructure through PaaS includes […]
What is an Enterprise Risk Profile? Enterprise Risk Management (ERM) is a strategic approach to security management through the use of risk management principles. This management philosophy can be applied to any area of risk including operational, financial, security, compliance, legal risks, and more. Examples of security risks include physical security, cybersecurity, information security, investigations, […]
What is Formjacking? Formjacking is a type of cyberattack that steals credit card details by inserting malicious JavaScript code into online payment forms. This malicious code operates covertly in the background on payment form web pages that are often served to the victim from a third-party payment processing company, but can also be found in: […]
What are Machine Learning and Artificial Intelligence Threats? As machine learning (ML) and artificial intelligence (AI) become more prevalent in our daily lives and digital world, it is important to consider the concerns associated with adopting these technologies. The following are security risks to be aware of: Data poisoning and model poisoning. ML systems rely […]
What is Privacy Risk Management? Privacy risk is the potential loss of control over personal information. Personally identifiable information (PII) refers to any information about an individual maintained by an agency, including any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of […]
What is Pseudonymization? The General Data Protection Regulation (GDPR) is a privacy and security law from the European Union (EU) that imposes obligations anywhere in the world where data from EU citizens is targeted and/or collected. The GDPR will levy harsh fines against those who violate their privacy and security standards, regardless of whether the […]
What is Inadequate Patch Management? Patch management is a critical function of maintaining a robust and secure IT infrastructure. Patch management involves identifying, testing, and deploying updates to help keep systems protected from known vulnerabilities. With so many different devices of different types in an organization, it is a difficult task to ensure that they […]
What is File System Virtualization? File virtualization refers to storage virtualization technology that involves developing an abstraction layer between the file server and the users that access those files. File system virtualization helps developers to publish only relevant shared folders and to provide authentication-based private folders. Through file system virtualization, users are able to access […]
What is a Jamming Attack? A jamming attack is a type of denial-of-service (DoS) attack in which a cyberattacker uses a device to intentionally create interfering radio signals that effectively “jam” the airwaves, resulting in the access point (AP) and any client devices being unable to transmit. Depending on the power of the radio transmitter […]