.jpg){kind=avatar}
Attack Surface Management
What is the WannaCry Ransomware Attack?
WannaCry is a ransomware cryptoworm cyber attack that targets computers running the Microsoft Windows operating system.
Read more
Abi Tyas Tunggal
July 8, 2025
What is Attack Surface Management? Tools and Best Practices
This is a complete overview of attack surface management. Learn how attack surface management can keep your organization secure in this in-depth post.
Read more
Nicholas Sollitto
December 1, 2025
Top 20 Critical Windows Server 2008 Vulnerabilities And Remediation Tips
Learn about the top 20 Windows Server 2008 vulnerabilities, exploits, and security flaws that can lead to a data breach and how to fix them.
Read more
Abi Tyas Tunggal
January 5, 2025
Rapid7 vs Qualys
Which of these two leading vulnerability management solutions is better at detecting and remediating security flaws? Read more to find out.
Read more
Abi Tyas Tunggal
January 9, 2025
How to Protect Ruby on Rails from Hackers: 7 Ways Infographic
Learn how to fix these 7 Rails vulnerabilities that commonly lead to web application compromises.
Read more
UpGuard Team
November 19, 2024
Caught In The AWS Tarpit
While running a series of unit tests that make API calls to Amazon Web Services (AWS), tests were failing unpredictably. All driven by AWS authentication.
Read more
Kaushik Sen
November 19, 2024
What is Penetration Testing?
This is a complete overview of penetration testing. Learn about how penetration testing is used to reduce cybersecurity risk with this in-depth post.
Read more
Abi Tyas Tunggal
July 4, 2025
Tenable vs. McAfee MVM vs. Rapid7
Intel has pulled the plug on McAfee Vulnerability Manager. But will customers move with them to Rapid7 or explore other options like Tenable?
Read more
UpGuard Team
November 19, 2024
What Is a Man-in-the-Middle Attack? Prevention Tips and Guide
A man-in-the-middle attack (MITM attack) is a cyber attack where an attacker relays and possibly alters communication between two parties.
Read more
Abi Tyas Tunggal
July 4, 2025
25 Working from Home Security Tips for Staff and Employers in 2026
This is a complete overview of how to stay secure while working from home. Learn what you can do as an employee and employer in this in-depth post.
Read more
Abi Tyas Tunggal
January 5, 2026
Arachni vs OWASP ZAP
Which of these two leading pen testing suites is more effective at discovering security flaws in software applications? Read more to find out.
Read more
Abi Tyas Tunggal
November 19, 2024
What are the OWASP Top 10?
This is a complete overview of the OWASP Top Ten. Learn about the top 10 risks and how to prevent them in this in-depth post.
Read more
Abi Tyas Tunggal
July 4, 2025
What are the CIS Controls for Effective Cyber Defense?
The CIS Critical Security Controls are a prioritized set of actions that form a defense-in-depth set of best practices to prevent common cyber attacks.
Read more
Abi Tyas Tunggal
December 1, 2025
What is Data Security?
Data security is the process of protecting sensitive data from unauthorized access and corruption throughout its lifecycle.
Read more
Abi Tyas Tunggal
November 30, 2025
What is the Principle of Least Privilege?
The principle of least privilege (POLP) is the practice of limiting access rights for users, accounts and computing processes to only those needed.
Read more
Abi Tyas Tunggal
July 4, 2025
What is Role-Based Access Control (RBAC)? Examples, Benefits, and More
This is a complete overview of role-based access control (RBAC). Learn about common uses of RBAC, why it is used, and its benefits in this in post.
Read more
Abi Tyas Tunggal
July 4, 2025
Sign up for our newsletter
UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.
Free instant security score
How secure is your organization?
Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
Instant insights you can act on immediately- Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
