Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.

The OSINT Framework assists analysts in gathering & organizing open-source information. Learn the 5 steps of OSINT, sources, tools, and how to use it.

Here’s what we see as the most important questions that tech buyers should be asking about how their vendors use AI today.

Cybercrime is illegal activity that involves networks or digital devices. Learn about types of cybercrime including DoS attacks, supply chain attacks, & more.

This article provides details on how Bitsight TRACE addressed CVE-2024-23897, an arbitrary file read vulnerability that affects Jenkins.

SOX compliance requires companies to focus on 7 critical areas: from internal controls to cybersecurity measures. Find a full checklist for SOX compliance.

Join Ben Edwards, as he takes a brief look back at one of the stories that was most interesting to him as a security data nerd from 2024.

At Bitsight, our collective observations highlight five critical areas that will shape cybersecurity strategies in 2025.

Instant Insights for SOC 2 is a new feature that is available to Bitsight VRM customers at no additional cost. It uses advanced AI techniques to analyze and summarize SOC 2 doc and more!

Discover the biggest opportunities for enhanced risk insights on the horizon––and Bitsight's strategy for helping customers capitalize through ongoing enhancements to our data platform in 2025 and beyond.

Learn GDPR Compliance 101: Understand key principles, requirements, and steps to ensure data protection, avoid penalties, and build customer trust globally.

Understand SameSite, Same-Origin Policy, CORS, and Subresource Integrity (SRI) to enhance web security, manage cross-origin requests, and protect JavaScript.

CVE-2024-4577 is a critical vulnerability in Windows-based PHP installations, affecting CGI configurations, that allow remote code execution.