Security news aggregator

Latest coverage for Security Posture Management

Security posture management assesses an organization's defenses, identifies gaps, and helps prioritize fixes that reduce exposure to cyberattacks.

155 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security posture management is the ongoing assessment and improvement of an organization’s security configuration, controls, and exposure across cloud services, endpoints, identities, applications, and data. It typically inventories assets, checks settings against policy, identifies vulnerabilities or excessive access, and tracks whether remediation is completed. Related terms such as cloud, SaaS, and attack-surface posture management describe narrower scopes of the same discipline.

Its security value depends on accurate asset discovery and useful prioritization: an exposed storage resource, weak identity control, or unpatched internet-facing system may warrant faster action than a lower-risk policy deviation. Effective programs detect configuration drift, correlate findings with exposure and threat intelligence, assign accountable owners, and verify fixes rather than merely reporting them. Practitioners should also assess what telemetry is collected and retained, since posture platforms can access sensitive configuration, identity, and inventory data; least-privilege access and appropriate privacy controls are therefore material.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 155
Bank Info Security 1 month, 2 weeks ago

Why Firms Struggle With Vendor Security After They Sign

Study: Monitoring Vendor Risk Remains Much Harder Than Onboarding Third PartiesHealthcare organizations are getting better vetting third-party vendors, including suppliers of medical devices, software and other products. But once these vendors are on board, healthcare firms still struggle with monitoring their security posture and ensuring they keep their promises.

The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That's the new attack surface, and most organizations are underprepared for it

Various touch-ups added as MPs seek greater resilience to attacks on critical sectors UK government introduced the Cyber Security and Resilience (CSR) Bill to Parliament today, marking a significant overhaul of local cybersecurity legislation to sharpen the security posture of the most critical sectors.…

From Detection to Resolution: Why the Gap Persists A critical vulnerability is identified in an exposed cloud asset. Within hours, five different tools alert you about it: your vulnerability scanner, XDR, CSPM, SIEM, and CMDB each surface the issue in their own way, with different severity levels, metadata, and context

Deal Would Boost Veeam's Cyber Footprint as Data Protection Vendor Valuations SurgeBloomberg reported that data protection and ransomware recovery giant Veeam is in advanced talks to buy DSPM and AI security vendor Securiti for $1.8 billion, with an announcement coming as soon as this week. The deal would accelerate Veeam's pivot from backup and disaster recovery to cybersecurity.

Deal Would Boost Veeam's Cyber Footprint as Data Protection Vendor Valuations SurgeBloomberg reported that data protection and ransomware recovery giant Veeam is in advanced talks to buy DSPM and AI security vendor Securiti for $1.8 billion, with an announcement coming as soon as this week. The deal would accelerate Veeam's pivot from backup and disaster recovery to cybersecurity.

In the era of rapidly advancing artificial intelligence (AI) and cloud technologies, organizations are increasingly implementing security measures to protect sensitive data and ensure regulatory compliance. Among these measures, AI-SPM (AI Security Posture Management) solutions have gained traction to secure AI pipelines, sensitive data assets, and the overall AI ecosystem. These solutions help

Firm Hits $6B Valuation, Eyes Fast Delivery of Unified DSPM, DLP and Identity ToolsCyera’s latest $540 million Series E funding underscores growing urgency among global firms to secure sensitive data before feeding it into AI models. With demand soaring, the startup is investing heavily in DSPM, DLP and identity innovation across cloud and on-prem environments.

In today’s security landscape, budgets are tight, attack surfaces are sprawling, and new threats emerge daily. Maintaining a strong security posture under these circumstances without a large team or budget can be a real challenge. Yet lean security models are not only possible - they can be highly effective

Bank Info Security 1 year, 1 month ago

Behavior Data Now Key to Cyber Risk Posture

Frost & Sullivan's Stahnke on How Human Risk Insights Drive Better Threat ResponseLegacy cybersecurity training often fails because users skip the content or treat it as a compliance task. Forward-looking organizations now recognize that human behavior is a critical piece of their security posture, said Claudio Stahnke, industry analyst at Frost & Sullivan.

Deal Aims to Target Identity and AI Risks, SaaS Blind Spots With Unified SecurityBy acquiring Suridata, Fortinet plans to introduce SaaS Security Posture Management to its SASE platform. The update provides end-to-end visibility into SaaS apps, identity threats and AI plugin misuse, making SSPM a vital control plane in cloud-first security strategies.

Bank Info Security 1 year, 2 months ago

Cyberhaven Taps Product Chief Nishant Doshi as Interim CEO

CEO Howard Ting's Resignation Comes as Data Protection Company Hits $1B ValuationCyberhaven appointed product chief Nishant Doshi as interim CEO as longtime leader Howard Ting transitions to the board. With a sevenfold valuation increase and deep investment in Gen AI security and DSPM, the company is preparing to unify data controls across enterprises.

Loading more headlines...