Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.

Discover the biggest opportunities for enhanced risk insights on the horizon––and Bitsight's strategy for helping customers capitalize through ongoing enhancements to our data platform in 2025 and beyond.

Understand SameSite, Same-Origin Policy, CORS, and Subresource Integrity (SRI) to enhance web security, manage cross-origin requests, and protect JavaScript.

CVE-2024-4577 is a critical vulnerability in Windows-based PHP installations, affecting CGI configurations, that allow remote code execution.

APTs stand in stark contrast with most of the deep and dark web’s users, but they do exist. Learn 5 functions and examples of APTs on the deep, dark web.

For effective threat hunting, threat intelligence from deep & dark web sources is a fundamental prerequisite for success. Learn more about threat hunting now.

Vulnerability intelligence is the continuous monitoring, analysis, & prioritization of vulnerabilities based on real-world threat activity. Learn more.

Dark web monitoring provides real-time insights on threats, vulnerabilities, and leaked data to help organizations stay ahead of cyber risks. Learn more now.

If you’re considering a new cyber threat intelligence product, here are three steps to take that should help you make the right choice for your organization.

Dark web forums serve as hubs for various discussions, from cybersecurity to privacy to hacking.
But how many users are active on these forums? Learn more now.
But how many users are active on these forums? Learn more now.

Leaked & compromised credentials pose serious cybersecurity risks. Learn how they happen, how attackers exploit them, and how to prevent credential exposure.

It’s every security manager's worst nightmare. A member of the IT department reaches to alert that malicious software has been detected on an internal network, and the hacker potentially has access to layers of sensitive data. In the following days and weeks of remediation, locating an access point, and reinforcing cybersecurity measures, security managers often ask themselves, “could this data leak have been prevented?”

If you operate in specific sectors, cybersecurity maturity is more than a best practice, it’s a regulatory requirement. These regulations are complex and constantly changing. To help you better understand your organization's regulatory environment and the standards and controls they stipulate, let's break down key cyber compliance regulations by industry.