Best Practices

Futuristic Sci-Fi glowing HUD clock fading, representing how the clock is now ticking on Cyber Resilience Act compliance

Clock ticking on Cyber Resilience Act compliance, Bug Bounty forecasts, intriguing CISA red team find – OffSec roundup for CISOs

The clock for compliance with the EU Cyber Resilience Act has now started ticking

Cyber Resilience Act: compliance countdown set to start for EU law focused on eliminating vulnerabilities

Attack surface discovery illustrated with nodes that represent attack vectors and text that reads: ‘mapping your attack vectors’

Attack surface discovery: mapping your exposed vectors with continuous threat exposure management (CTEM series #1)

EU flag signifies NIS 2 entering into force and the Cyber Resilience Act being adopted

NIS 2 in force, Cyber Resilience Act adopted, CISA hails VDP impact – OffSec roundup for CISOs

YesWeHack vulnerability triage chief Adrien Jeanneau on the art of triaging bug bounty vulnerability reports in this YesWeHack interview

‘Happy hunters equal happy customers and vice versa’: YesWeHack vulnerability triage chief Adrien Jeanneau on creating a virtuous Bug Bounty circle

Servers with mess of wires plugged in in an example of tech sprawl

Tackling tech sprawl, CISO burnout, NIS 2 now enforceable – OffSec roundup for CISOs

EU flag on parliament building with text on left side of image: "NIS 2 Enters into force"

The NIS 2 Directive is now enforceable: What are the implications for vulnerability management?

The Windows blue screen of death took down an estimated 8.5 million Windows machines following a botched CrowdStrike software update.

Partial SolarWinds reprieve, CrowdStrike lessons, LLM kryptonite – OffSec roundup for CISOs

NIS 2 in brief, security tech hype cycle, Italy’s first ever live Bug Bounty – OffSec roundup for CISOs

Apple declines to pay Kaspersky vuln reward, Bug Bounty ‘extortion’ dispute, Microsoft Recall backlash – OffSec roundup for CISOs

Countdown to NIS 2 compliance: Key insights and implications for your SecOps strategy

Man wearing black smart watch

UK PSTI Act: ‘World first’ IoT security rules offer reminder of VDP virtues