Security Ratings Explained

The Problem of Digitization The digitization of business has increased the speed of commerce, the scope of customers, the understanding of consumer habits, and the efficiency of operations across the board. It has also increased the risk ...

Resilience in the Age of Automated Hacking

When we think about cyber attacks, we usually think about the malicious actors behind the attacks, the people who profit or gain from exploiting digital vulnerabilities and trafficking sensitive data. In doing so, we can make the mistake ...

What are Security Ratings?

Security ratings are like credit ratings, but for the assessment of a company’s web-facing applications. Where a credit rating lets a company determine the risk of lending to a prospective debtor, a security rating lets it decide how risky ...

UpGuard CyberRisk and Fair and Accurate Security Ratings Principles

In June of 2017 the U.S. Chamber of Commerce posted the “Principles for Fair and Accurate Security Ratings,” a document supported by a number of organizations interested in the emerging market for measuring cyber risk. The principles ...

Infrastructure Indexing: or, Why Server Headers Matter More than Ever

When we think about cyber attacks, we usually think about the malicious actors behind the attacks, the people who profit or gain from exploiting digital vulnerabilities and trafficking sensitive data. In doing so, we can make the mistake ...

Caught In The AWS Tarpit

Guest post by UpGuard engineer Nickolas Littau While running a series of unit tests that make API calls to Amazon Web Services (AWS), I noticed something strange: tests were failing unpredictably. Sometimes all the tests would pass, then ...

Cyber Resilience: What It Is and Why You Need It

  The way businesses handle the risks posed by their technology is changing. As with anything, adaptability is survivability. When the techniques, methods, and philosophies of the past aren’t working, the time has come to find something ...

How to Build a Sustainable Digital Business in the Cloud

Technology and Information How much digital technology is required for your business to operate? Unless this document has traveled back in time, the chances are quite a lot. Now consider how much digital technology your vendors require to ...

How Can Cloud Leaks Be Prevented?

When we examined the differences between breaches, attacks, hacks, and leaks, it wasn’t just an academic exercise. The way we think about this phenomenon affects the way we react to it. Put plainly: cloud leaks are an operational problem, ...

Why Do Cloud Leaks Happen?

Making Copies In our first article on cloud leaks, we took a look at what they were and why they should be classified separately from other cyber incidents. To understand how cloud leaks happen and why they are so common, we need to step ...

What Are Cloud Leaks?

Breaches, Hacks, Leaks, Attacks It seems like every day there’s a new incident of customer data exposure. Credit card and bank account numbers; medical records; personally identifiable information (PII) such as address, phone number, or ...

Check your Amazon S3 permissions. Someone will.

Nearly all large enterprises use the cloud to host servers, services, or data. Cloud hosted storage, like Amazon's S3, provides operational advantages over traditional computing that allow resources to be automatically distributed across ...

5 Biggest Takeaways From WannaCry Ransomware

Global in scale, with across the board press coverage, the WannaCry ransomware attack has quickly gained a reputation as one of the worst cyber incidents in recent memory. Despite the scale, this attack relied on the same tried and true ...

Visualizing Cyber Risk with UpGuard's Home Page Dashboard

Why dashboards? Nobody’s perfect. Success is almost always determined through trial and error, learning from mistakes and course-correcting to avoid them in the future. The length of this cycle— from experiment to result, incorporated into ...

UpGuard Welcomes Security Expert Chris Vickery

UpGuard is proud to announce that security expert Chris Vickery is joining our team as a cyber risk analyst, bringing with him a stunning track record of discovering major data breaches and vulnerabilities across the digital landscape. ...

Discovering Important Changes With UpGuard's Real Time Forwarder

A funny thing that’s happened as the digitization of business has sped up in the last ten years is that process cadence has not done well in keeping up. Regulatory compliance standards often use quarters, or even years, as audit intervals, ...

UpGuard and Puppet - Fits Like a Glove

Going from nothing to automation using one of the many tools available can be a daunting task. How can you automate systems when you’re not even 100% sure how they’ve been configured? The documentation is months out of date and the last ...

Cyber Resilience Challenge: Coke vs Pepsi

  Few corporate rivalries are as legendary as these two enterprise contenders; admittedly, there have been more than a fair share of comparisons pitting the pair against each other over the last century. So we're offering a twist to the ...

US Air Force Suffers Massive Data Breach

Leading security researchers have confirmed that the U.S. Air Force (USAF) suffered a massive data breach leading to the exposure of sensitive military data and senior staff information. Here's what you need to know about this latest ...

What You Need to Know About the Cloudbleed Bug

On February 18th, 2017, Google security researchers discovered a massive leak in Cloudflare's services that resulted in the exposure of sensitive data belonging to thousands of its customers. Here's what you need to know about the ...
All posts