TECH EDITION | Transitioning From VPNs to Zero-Trust Access Requires Shoring Up Third-Party Risk Management

ZTNA brings only marginal benefits unless you ensure that the third parties you authorize are not already compromised. [TechWeb]( Follow Dark Reading: [RSS]( August 20, 2022 LATEST SECURITY NEWS & COMMENTARY [Transitioning From VPNs to Zero-Trust Access Requires Shoring Up Third-Party Risk Management]( ZTNA brings only marginal benefits unless you ensure that the third parties you authorize are not already compromised. [Google Cloud Adds Curated Detection to Chronicle]( The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team. [Microsoft Rolls Out Tamper Protection for Macs]( The new feature detects attempts to modify files and processes for Microsoft Defender for Endpoints on macOS. [New Open Source Tools Launched for Adversary Simulation]( The new open source tools are designed to help defense, identity and access management, and security operations center teams discover vulnerable network shares. [Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST]( A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [How to Resolve Permission Issues in CI/CD Pipelines]( This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines. [We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It]( Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation. [Supply Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight]( Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference. [MORE]( EDITORS' CHOICE [New Cross-Industry Group Launches Open Cybersecurity Framework]( Eighteen companies, led by Amazon and Splunk, announced the OCSF framework to provide a standard way for sharing threat detection telemetry among different monitoring tools and applications. FROM THE NEWS DESK [Mac Attack: North Korea's Lazarus APT Targets Apple's M1 Chip]( Lazarus continues to expand an aggressive, ongoing spy campaign, using fake Coinbase job openings to lure in victims. WEBINARS - [Understanding Machine Learning, Artificial Intelligence, & Deep Learning, and When to Use Them]( Advancements in artificial intelligence technology and machine learning and deep learning algorithms promise to transform enterprise security by giving IT security teams tools to detect and respond to attacks faster than before. Before security teams can use these tools, they ... - [Malicious Bots: What Enterprises Need to Know]( Bots are launching more complex and targeted attacks such as price scraping, credential stuffing, scalping, and credit card fraud, but many security defenders are still focused on only the most obvious attacks. Automated bot attacks are on the rise, but ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [6 Elements of a Solid IoT Security Strategy]( - [Five Best Practices for AWS Security Monitoring]( - [Eight Best Practices for a Data-Driven Approach to Cloud Migration]( - [Sumo Logic for Continuous Intelligence]( - [Understanding DNS Threats and How to Use DNS to Expand Your Cybersecurity Arsenal]( - [The Many Facets of Modern Application Development]( [View More White Papers >>]( FEATURED REPORTS - [Breaches Prompt Changes to Enterprise IR Plans and Processes]( - [Implementing Zero Trust In Your Enterprise: How to Get Started]( - [Incorporating a Prevention Mindset into Threat Detection and Response]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [OpenSSF Announces 13 New Members Committed to Strengthening the Security of the Open Source Software Supply Chain]( [ThreatX Raises $30 Million in Series B Funding to Accelerate Growth in Global API Protection Market]( [AuditBoard Launches Third-Party Risk Management Solution, Empowering Enterprises to Tackle IT Vendor Risk at Scale]( [SEPT. 7-9: Ukraine, Election, AI, Cybercrime, 5G Among Topics Explored by 125+ Speakers at 13th Billington Cybersecurity Summit]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Black Hat USA 2022 Attendee Report]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2022]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)