Be part of our 20th UpGuard Summit—our biggest one yet! Live May 20 & 22
Register Now
AI, Exploits, and Third-Party Risk: What’s Really Happening Across the S&P 500?
Register Now
Looking to streamline your TPRM? Join our Product Deep Dive Webinar with live Q&A!
Register Now

Cybersecurity & Risk Management Blog

Resources to help you keep up to date
with industry insights, best practices and more.
Categories
Attack Surface Management
Company news
Compliance and Regulations
Cybersecurity
Data breaches
Devops
Risks and Vulnerabilities
Third-Party Risk Management
Vendor Risk Management
UpGuard logo
Ongoing TPRM Success: Continuous Security Monitoring with AI
Nicholas Sollitto
Nicholas Sollitto
April 9, 2025

Most recent posts

Human Cyber Risk

The Shadow AI Data Leak Problem No One's Talking About

Is your team unknowingly leaking sensitive data through its AI usage? Discover the dangers of Shadow AI and strategies for secure AI adoption at work.
Leah Sadoian
Leah Sadoian
April 23, 2025
Third-Party Risk Management

The Risk of Third-Party AI Trained on User Data

Analyzing privacy policies can tell us which companies are using AI and training their models with your data.
Greg Pollock
Greg Pollock
April 16, 2025
Cybersecurity

How AI is Changing The Way We Manage Cyber Exposure

Unpack the future of cyber exposure with AI—from evolving attacks to smarter defenses. Learn what’s real, what’s next, and how to stay ahead.
Leah Sadoian
Leah Sadoian
April 15, 2025
Risks and Vulnerabilities

Analyzing llama.cpp Servers for Prompt Leaks

How are generative AI technologies leaking data? In this report we analyse prompt leaks from llama.cpp servers.
Greg Pollock
Greg Pollock
April 11, 2025

Attack Surface Management

Attack-Surface-Management

What is Enterprise Attack Surface Management?

Find out what it's is critical for large businesses hoping to minimize their risk of suffering data breaches, both internally and externally.
Edward Kost
Edward Kost
December 12, 2024
Attack-Surface-Management

Critical Features Your Attack Surface Management Tool Must Have

Explore the critical features that work together to create a comprehensive and effective attack surface management tool for any organization.
Leah Sadoian
Leah Sadoian
December 17, 2024
Attack-Surface-Management

Top Strategies to Protect Your Website from Subdomain Takeovers

Subdomain takeovers are rising in prominence across the internet. Explore best practices to safeguard your website against this type of cyber attack.
Leah Sadoian
Leah Sadoian
January 16, 2025
Attack-Surface-Management

What is External Attack Surface Management (EASM)?

Learn more about external attack surface management (EASM) and how choosing the right EASM solution can make a difference for your organization
Nicholas Sollitto
Nicholas Sollitto
January 2, 2025
December 13, 2024
All attack surface management posts

Company news

Company news

Cast a Wider Net: UpGuard Now Scans 5x More Sources

Introducing UpGuard’s enhanced news and incident coverage. 500% better coverage to keep you ahead of the latest security threats.
UpGuard Team
UpGuard Team
January 16, 2025
Company news

UpGuard Expands Vendor Risk Questionnaire Library with New DORA Questionnaire

Achieve compliance with DORA, UpGuard’s latest addition to its industry-leading Questionnaire Library.
Kyle Chin
Kyle Chin
November 18, 2024
Company news

G2 Names UpGuard #1 TPRM Software - Summer 2024

UpGuard has once again been recognized as a Leader in Third-Party and Supplier Risk Management Software by G2. Read on to discover more insights.
Kaushik Sen
Kaushik Sen
November 18, 2024
Company news

UpGuard Summit May 2024 Recap: Automated TPRM

Revisit the May 2024 UpGuard Summit, exploring new product capabilities and automated TPRM strategies presented by global security leaders.
Nicholas Sollitto
Nicholas Sollitto
January 9, 2025
All company news posts

Compliance & Regulations

Compliance & Regulations

Introducing UpGuard’s DPDP Act Security Questionnaire

Discover the latest addition to UpGuard's industry-leading Questionnaire Library and learn how to achieve comprehensive DPDP compliance.
Nicholas Sollitto
Nicholas Sollitto
November 18, 2024
Compliance & Regulations

APRA CPS 230: Definition, Summary & Compliance Guide

Learn about the new requirements of CPS 230 and how to achieve compliance before it comes into effect on 1 July 2025.
Leah Sadoian
Leah Sadoian
November 18, 2024
Compliance & Regulations

From NIS to NIS2: What Your Organization Needs to Know

Understanding the transition from NIS to NIS2 is crucial for protecting your organization. Explore the key changes and compliance steps in this blog.
Leah Sadoian
Leah Sadoian
January 9, 2025
Compliance & Regulations

How to Prepare for a Cyber Essentials Plus Audit

Learn more about the Cyber Essentials Plus independent assessment process, and steps your organization can take to prepare.
Leah Sadoian
Leah Sadoian
January 16, 2025
All compliance and regulations posts

Cybersecurity

Cybersecurity

How AI is Changing The Way We Manage Cyber Exposure

Unpack the future of cyber exposure with AI—from evolving attacks to smarter defenses. Learn what’s real, what’s next, and how to stay ahead.
Leah Sadoian
Leah Sadoian
April 15, 2025
Cybersecurity

Preparing for the Next Big Cyber Threat: Expert Recommendations

Get expert insights on emerging cyber threats—from AI risks to supply chain attacks—and discover actionable tips to future-proof your security.
Leah Sadoian
Leah Sadoian
April 9, 2025
Cybersecurity

Corporate Security Trends: How S&P 500 Companies Stay Secure

Explore how top S&P 500 companies are shaping corporate security trends and how to strengthen your cyber defenses.
Leah Sadoian
Leah Sadoian
March 26, 2025
Cybersecurity

The Cost of False Positives: Why Cybersecurity Accuracy Matters

Are false positives draining your security team? Learn how to reduce the noise and improve your organization’s cybersecurity accuracy.
Leah Sadoian
Leah Sadoian
March 19, 2025
All cybersecurity posts

Data Breaches

Data Breaches

Threat Monitoring for Superannuation Security

Attackers breached superannuation customer accounts with stolen credentials. We look at one way to detect compromised accounts sooner.
Greg Pollock
Greg Pollock
April 14, 2025
Data Breaches

The LastPass Data Breach (Event Timeline And Key Lessons)

A timeline of events from the LastPass data breach spanning from 2022-2023. Also includes key lessons to help you avoid suffering a similar fate.
Edward Kost
Edward Kost
January 5, 2025
Data Breaches

Top 5 Security Misconfigurations Causing Data Breaches

Overlooking these errors could be putting your business at risk of a costly data breach in 2023.
Edward Kost
Edward Kost
April 7, 2025
Data Breaches

How to Detect Identity Breaches (Before It’s Too Late)

Find out how your organization can detect identity breaches and how UpGuard can help.
Kyle Chin
Kyle Chin
January 16, 2025
All data breaches posts

DevOps

Dev Ops

Boost Your Cybersecurity with DevSecOps

Explore how DevSecOps can significantly enhance your organization's cybersecurity posture by integrating security into your development process.
Leah Sadoian
Leah Sadoian
January 16, 2025
Dev Ops

Release Testing Basics

Learn how to start testing your software before releasing it to the public, an essential part of the Software Development Lifecycle (SDLC).
UpGuard Team
UpGuard Team
November 18, 2024
Dev Ops

SCOM vs Splunk

How does Microsoft's data center monitoring solution compare to Splunk's leading platform for IT operational intelligence? Read more to find out.
Abi Tyas Tunggal
Abi Tyas Tunggal
November 18, 2024
Dev Ops

Agent vs Agentless Monitoring: Why We Chose Agentless

Agentless data collection involves collecting data without installing any new agents. Learn why we didn't choose agent monitoring.
UpGuard Team
UpGuard Team
November 18, 2024
All DevOps posts

Risks and Vulnerabilities

Risks & Vulnerabilities

Analyzing llama.cpp Servers for Prompt Leaks

How are generative AI technologies leaking data? In this report we analyse prompt leaks from llama.cpp servers.
Greg Pollock
Greg Pollock
April 11, 2025
Risks & Vulnerabilities

Critical Middleware Vulnerability in Next.js (CVE-2025-29927)

Learn how to detect CVE-2025-29927, a critical vulnerability in Next.js that allows attackers to easily bypass middleware authorization measures.
Greg Pollock
Greg Pollock
March 31, 2025
Risks & Vulnerabilities

Understanding and Securing Exposed Ollama Instances

Explore how attackers are exploiting Ollama instances and learn what you can do to secure them across your infrastructure.
UpGuard Team
UpGuard Team
March 19, 2025
Risks & Vulnerabilities

Using Exposed Ollama APIs to Find DeepSeek Models

Misconfigured AI APIs can expose sensitive data and security risks. See what our research uncovered.
Greg Pollock
Greg Pollock
February 7, 2025
Risks & Vulnerabilities

Third-Party Risk Management

Third-party Risk Management

The Risk of Third-Party AI Trained on User Data

Analyzing privacy policies can tell us which companies are using AI and training their models with your data.
Greg Pollock
Greg Pollock
April 16, 2025
Third-party Risk Management

Ongoing TPRM Success: Continuous Security Monitoring with AI

Is manual work weighing down your security team and limiting your ability to scale? Learn how UpGuard and its AI features can help.
Nicholas Sollitto
Nicholas Sollitto
April 9, 2025
Third-party Risk Management

Report Writing Solved: Generating Actionable Assessment Reports

Is manual report writing slowing down your security team? Learn how UpGuard’s AI can help.
Nicholas Sollitto
Nicholas Sollitto
April 2, 2025
Third-party Risk Management

Remediation Made Easy: Reducing Risks and Driving Vendor Action

Is your security team lost in the chaos of managing vendor remediation? Learn how UpGuard’s AI can help.
Nicholas Sollitto
Nicholas Sollitto
March 26, 2025
All third-party risk management posts

Vendor Risk Management

Vendor Risk Management

Security Bottleneck? Here’s How to Accelerate Vendor Approvals

Are slow vendor approvals putting your organization at risk? Learn how to speed up third-party reviews without compromising security.
Leah Sadoian
Leah Sadoian
April 3, 2025
Vendor Risk Management

UpGuard’s Revamped Trust Page: Close Deals Faster

Learn how UpGuard's revamped trust page can help enable your revenue team and close deals faster.
Jess Hooper
Jess Hooper
March 27, 2025
Vendor Risk Management

Why Vendor Risk Management Can't Be a One-Time Task

Cyber threats evolve fast—so should your vendor risk strategy. Discover how continuous monitoring enhances security and reduces third-party risks.
Leah Sadoian
Leah Sadoian
March 5, 2025
Vendor Risk Management

What is Vendor Risk Monitoring in Cybersecurity?

Learn why vendor risk monitoring is a critical component of every Vendor Risk Management and Third-Party Risk Management program.
Edward Kost
Edward Kost
December 30, 2024
All vendor risk management posts
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating

Ready to see
UpGuard in action?

Free trial
Get a demo
UpGuard logo
UpGuard is a complete third-party risk and attack surface management platform.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Products
Tools
Company
Insights
Products
Compare
Solutions
Company
Insights
© UpGuard, Inc.
Research GuidelinesPlatform Terms & ConditionsWebsite Terms & ConditionsPrivacyCookies