Three Ways Ox Security Helps You Achieve FedRAMP

Compliance mandates are a fact of life for security teams. There is no shortage of rules and regulations businesses must meet to certify that their organizations are architecting to specified standards for data handling, access controls, testing and auditing, and so much more. Over the years, cybersecurity teams have bemoaned the fact that “compliance does […]

A Playbook for Detecting the OpenSSH Vulnerability – CVE-2024-6387 – regreSSHion

The Qualys Threat Research Unit has discovered a new “high” severity signal handler race condition vulnerability in OpenSSH’s server software (sshd). According to the research, this vulnerability has the potential to allow remote unauthenticated code execution (RCE) for glibc-based Linux systems. This CVE has the potential to affect 14 million servers. Exploitation of this bug, […]

Third-Party Trust Issues: AppSec Learns from Polyfill

By now, you’ve likely seen the LinkedIn posts, the media stories, and even some formerly-known-as “Tweets”: The latest exploit to hit front pages is the malicious use of polyfill.io, a popular library used to power a large number of web browsers. As per usual, there’s a ton of speculation about what’s happening. Is this the […]