When it comes to security oversight, I’m a big proponent of focusing on the things that matter. These are your highest payoff areas – otherwise known as your most urgent vulnerabilities on your most important systems. I learned this concept while studying time management and…
Lessons from the Log4j crisis: Are we ready for the next global vulnerability?
It was an unwelcome early Christmas gift shared with the entire world on December 9th, 2021. Log4Shell rocked the industry when we realized just how dangerous and far-reaching its effects could be. The mad scramble to find and patch the flaw left many organizations wondering…
What to know about Biden’s latest cybersecurity memorandum
Building on his administration’s historic cybersecurity executive order, President Joe Biden yesterday signed a new National Security memorandum (NSM) designed to further improve security across the Department of Defense, intelligence community, and national security systems. The memo lays out concrete requirements around the technology required…
Facing DevSecOps hurdles, federal agencies need a modern approach to security
Cybersecurity is no longer a nice-to-have. It’s an imperative for organizations that create, distribute, and manage software every day – especially true for federal agencies as the government moves away from legacy technology in the race to improve user experience and shift to the cloud…
Invicti Security Names Jeff Bray Chief Financial Officer
Former Rapid7 executive joins the company after another record year of growth Austin, TX and Boston, MA – January 11, 2022 – Invicti Security™ today announced seasoned financial executive Jeff Bray has joined the company as Chief Financial Officer. Bray brings decades of experience leading world-class finance teams in…
FTC words of warning: Remediate recent Log4j vulnerabilities or face consequences
In an unusual and noteworthy move, the Federal Trade Commission (FTC) issued an early warning to companies that haven’t yet patched recent Log4j vulnerabilities: remediate or risk legal and financial consequences. As noted by the FTC, the recent Log4j vulnerabilities are still being actively exploited…
Five fundamental tips for getting executive buy-in on AppSec
The need for effective cybersecurity programs has never been more apparent. By October of 2021, the number of data breaches leapfrogged the total from 2020 by 17%, and 2021 saw the highest average data breach cost in 17 years ($4.24 million, in fact). Yet, for…
2021 – the year in review
As 2021 comes to an end, it is time to sum up the year to see what it meant for Acunetix, Invicti, and the web application security industry. The rise of Invicti 2021 was the year when Acunetix became a brand of Invicti Security. The…
Log4j vulnerability resource center
Watch this space for the latest news and resources from Invicti on the Log4j crisis. Product update All Netsparker and Acunetix products now detect the CVE-2021-44228 Log4j-related vulnerability (known as Log4Shell or LogJam). More in our official statement. Our perspective Invicti President and COO Mark…