Majicemi Co., Ltd.
Held a webinar on the theme of “Low-burden, continuous security diagnosis method”
……
Magisemi Co., Ltd. will be holding a webinar on the theme of “Low-cost, continuous security diagnosis method.”
[Image: https://prtimes.jp/i/54842/1789/resize/d54842-1789-63f2d299f8a062c79d4a-0.jpg&s3=54842-1789-bf6e20a96a8026b0d8f7ee9f5a62d62f-1280×720.jpg] (Click here for details and to apply)
https://majisemi.com/e/c/gmo-cybersecurity-20240228/M1D ■Vulnerability risks hidden in websites being launched one after another by each departmentDigital technology is rapidly spreading. , many companies and organizations are now developing their business on digital platforms. On the other hand, cyberattacks by malicious criminals that target system vulnerabilities are also increasing. Particularly in recent years, with the spread of cloud services and hosting services, it has become easy to publish services on the Internet. The number of services is also increasing, creating a new security risk for companies and organizations. ■ “Security Diagnosis” is carried out regularly. Many organizations use “Security Diagnosis” to detect and deal with vulnerabilities in websites and systems, which would have exhausted both business departments and information systems
departments using conventional methods. ” We are working on this. Generally, security diagnostics are performed on the verification environment once a year or at the timing of major feature releases, with rules established. With new vulnerabilities being discovered every day, some security teams believe that once a year is not enough. The current situation is that it is difficult to increase the frequency of implementation. For example, some companies are considering in-house security diagnosis to increase the frequency of security diagnosis, but diagnosis requires specialized knowledge and technology, and securing these resources is time-consuming and costly. Masu. It is very difficult to secure these resources in the business division, and the diagnostic work is concentrated on the security team of the entire company, resulting in a heavy operational burden and for companies who have given up on continuous diagnostics in-house. There are also people. There are also cases where business departments dislike security assessments themselves. Security diagnostics can sometimes carry out simulated attacks, so if carried out in a production environment, there is a possibility that there will be negative effects on users (user emails being sent, data being rewritten, the system stopping, etc.) . To avoid these effects, it is common to perform diagnosis in the verification environment, but depending on the development project, there may be differences between the verification environment and the production environment, so it is necessary to synchronize the verification and production environments before diagnosis. This requires a lot of preparation work, such as the need for Even when we ask business departments to cooperate with security assessments due to these issues, we have seen cases in which they do not understand the importance of this, or there is resistance. ■Explaining the best practices for continuous security diagnosis that does not stop or burden business departments How can we achieve efficient security diagnosis? In this seminar, we will explain how to effectively conduct vulnerability assessments for company-wide IT assets, such as business department websites that are easily targeted by cyber attacks and can lead to new security risks. In addition, in light of the issues that generally occur when performing vulnerability diagnosis, we recommend the best practice for security diagnosis, which can be carried out continuously without requiring the effort of business departments and with an understanding of the importance of vulnerability diagnosis. We propose “AtackSurface Management” tool. If you are in charge of an organization that is unable to centrally manage vulnerability information for the entire organization or cannot conduct effective security assessments due to time and cost
considerations, please use this as a hint for strengthening security. please. (Click here for details and application)
https://majisemi.com/e/c/gmo-cybersecurity-20240228/M1D ■Sponsored by GMO Cybersecurity by Ierae Co., Ltd. ■Cooperated by Open Source Utilization Institute Co., Ltd. Majisemi Co., Ltd. Majisemi is , we will continue to hold webinars that are “useful to participants.” ★For other webinar applications and videos and materials from past seminars, please check below★ https://majisemi.com?el=M1D ★If you would like to hold a webinar, please watch this video★ https: //youtu.be/pGj3koorgSY
More details about this release:
https://prtimes.jp/main/html/rd/p/000001789.000054842.html