Cybersecurity Headlines

NSO Group spyware reportedly used against European Commission The malware is coming from inside the phone OpenSSH gets ready for quantum computing Thanks to our episode sponsor, Code42 Cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft. In fact, the Code42 Annual Data Exposure Report revealed there's a 1 in 3 chance that your company will lose IP when an employee quits. To learn more about stopping data leaks with Insider Risk Management visit Code42.com/showme.

New Meta information stealer distributed in malspam campaign NB65 group targets Russia with a modified version of Conti's ransomware Elon Musk unveils vision for Twitter after joining board Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from "watchdog" to "guide dog" and everyone wins. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Apr 4-8, is hosted by Rich Stroffolino with our guest, Brett Conlon, CISO, American Century Investments Thanks to our sponsor, Code42 It's not just about the data leaving your company – what about the data coming in? Along with departing employees, new talent is also actively joining your organization. This poses cybersecurity challenges since they could be knowingly or unknowingly bringing data from their former company into your network. Code42 Incydr is an Insider Risk Management SaaS that provides a comprehensive understanding of your data exposure and shows which activities require security intervention. Learn more at Code42.com/showme.

Newly discovered flaw could allow hacking of Samsung Android devices Adobe Creative Cloud Experience makes malware easier to hide Parrot redirect service infects 16,500 sites to push malware Thanks to our episode sponsor, Code42 It's not just about the data leaving your company - what about the data coming in? Along with departing employees, new talent is also actively joining your organization. This poses cybersecurity challenges since they could be knowingly or unknowingly bringing data from their former company into your network. Code42 Incydr is an Insider Risk Management SaaS that provides a comprehensive understanding of your data exposure and shows which activities require security intervention. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

US disrupted Russian botnet Twitter shadowbans Russian government accounts DOJ charges Russian national with operating Hydra Thanks to our episode sponsor, Code42 Surprise! Surprise! Five years from now, Jamie, who's resigning today, will ring the NASDAQ bell officially launching her company on the public market. And what you'll soon realize is that Jamie stole your most valuable data to start her new company. Learn how Code42 Incydr can stop data theft and protect your organizations' most valuable assets. Visit Code42.com/showme to learn more.

Germany takes down world's largest darknet market Anonymous leaks personal details of Russian soldiers CISA adds Spring4Shell to list of exploited vulnerabilities Thanks to our episode sponsor, Code42 Cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data from exposure, leak and theft. In fact, the Code42 Annual Data Exposure Report revealed there's a 1 in 3 chance that your company will lose IP when an employee quits. To learn more about stopping data leaks with Insider Risk Management visit Code42.com/showme. For the stories behind the headlines, visit CISOseries.com

Russian secret police exposed in data leak MailChimp hit with breach The Bureau of Cyberspace and Digital Policy goes live Thanks to our episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Ts should define any IRM program: transparency, training, and technology. Shift your security culture from "watchdog" to "guide dog" and everyone wins. Learn more at Code42.com/showme.

New Borat remote access malware is no laughing matter Apple rushes out patches for 0-days in MacOS, iOS National Security Agency employee indicted for 'leaking top secret info' Thanks to our episode sponsor, Code42 It's not just about the data leaving your company - what about the data coming in? Along with departing employees, new talent is also actively joining your organization. This poses cybersecurity challenges since they could be knowingly or unknowingly bringing data from their former company into your network. Code42 Incydr is an Insider Risk Management SaaS that provides a comprehensive understanding of your data exposure and shows which activities require security intervention. Learn more at Code42.com/showme. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Mar 28-Apr 1, is hosted by Rich Stroffolino with our guest, Fredrick Lee, CISO, Gusto Thanks to our episode sponsor, Varonis All links and the video of this episode can be found on CISO Series.com

Palo Alto Networks error exposed customer support cases, attachments New AcidRain data wiper malware targets modems and routers Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk Thanks to our episode sponsors, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats, and streamline privacy and compliance. Visit www.varonis.com/cisoseries for a demo of Varonis' leading data security platform. For the stories behind the headlines, head to CISOseries.com.

Hackers abusing the power of subpoena Lapsus$ claims hack of Globant Brian Krebs sued by Ubiquiti for defamation Thanks to our episode sponsors, Varonis The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically. Hear more at www.varonis.com/cisoseries.

Ukraine destroys panic-spreading bot farms Yandex is sending iOS user data to Russia Ronin Network victimized in record-breaking crypto heist Thanks to our episode sponsors, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats, and streamline privacy and compliance. Visit www.varonis.com/cisoseries for a demo of Varonis' leading data security platform. For the stories behind the headlines, visit CISOseries.com.

Ukraine ISP taken down by cyber attack Windows can now block drivers Deepfakes take a turn for the banal Thanks to our episode sponsors, Varonis What is your ransomware blast radius? The average user can access 17 million files. Varonis reduces your blast radius in days, not years. Combined with advanced detection that monitors every file touch, ransomware doesn't stand a chance. Learn more at www.varonis.com/cisoseries.

Critical Sophos Firewall vulnerability allows remote code execution Okta: "We made a mistake" delaying the Lapsus$ hack disclosure CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog Thanks to our episode sponsors, Varonis On average, an employee can access 17 million files on day one. Varonis will show you where critical data is vulnerable, detect anomalies, and automatically right-size privileges to get you to "Zero Trust." Their data security platform can test your ransomware readiness and show you where you stack up. Learn more at www.varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Mar 21-25, is hosted by Rich Stroffolino with our guest, John Prokap, CISO, Success Academy Charter Schools Thanks to our episode sponsor, Varonis Customer: "The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically." Hear more at www.varonis.com/cisoseries. All links and the video of this episode can be found on CISO Series.com

UK police arrest 7 people in connection with Lapsus$ North Korean hackers exploit Chrome zero-day weeks before patch Anonymous claims to have hacked the Central Bank of Russia Thanks to our episode sponsor, Varonis The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically. Hear more at www.varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

Microsoft expands program to fill cyber skills gap Cyber Crime Losses Up 64% in 2021 Microsoft confirms Lapsus$ breach Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average employee can access 17 million files they don't need, and only a handful live on their laptop. Protect your data from the inside out and detect early signs of ransomware – automatically with Varonis. Visit www.varonis.com/cisoseries.

Ransomware attack on Okta leads to data breach Lapsus$ leaks 37GB of Microsoft source code Anonymous hacks Nestlè for operating in Russia Thanks to our episode sponsor, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats, and streamline privacy and compliance. Visit www.varonis.com/cisoseries for a demo of Varonis' leading data security platform. For the stories behind the headlines, visit CISOseries.com

Ransomware puts the breaks on Bridgestone Phishing with browser-in-a-browser attacks Conti Leaks leaks Conti code Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average user can access 17 million files. Varonis reduces your blast radius in days, not years. Combined with advanced detection that monitors every file touch, ransomware doesn't stand a chance. Learn more at www.varonis.com/cisoseries.

CISA, FBI tell satellite communications network owners to watch out for hacks after Ukraine attack Hackers claim to breach TransUnion South Africa with 'Password' password Developer sabotages own npm module prompting open-source supply chain security questions Thanks to our episode sponsor, Varonis On average, an employee can access 17 million files on day one. Varonis will show you where critical data is vulnerable, detect anomalies, and automatically right-size privileges to get you to "Zero Trust." Their data security platform can test your ransomware readiness and show you where you stack up. Learn more at www.varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Mar 14-18, is hosted by David Spark with our guest, Eric Hussey, CISO, Aptiv Thanks to our episode sponsor, Varonis The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically. Hear more at www.varonis.com/cisoseries. All links and the video of this episode can be found on CISO Series.com

Thanks to our episode sponsor, Varonis The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically. Hear more at www.varonis.com/cisoseries.

Phony Instagram 'support staff' emails hit insurance company Facebook hit with $18.6 million GDPR fine over 12 data breaches in 2018 Microsoft Defender tags Office updates as ransomware activity Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average employee can access 17 million files they don't need, and only a handful live on their laptop. Protect your data from the inside out and detect early signs of ransomware – automatically with Varonis. Visit www.varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

More destructive wiper malware strikes Ukraine German security agency recommends replacing Kaspersky antivirus HackerOne apologizes to Ukrainian hackers for blocking payouts Thanks to our episode sponsor, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats, and streamline privacy and compliance. Visit www.varonis.com/cisoseries for a demo of Varonis' leading data security platform. For the stories behind the headlines, visit CISOseries.com

Ukraine's IT army hit with malware Mobile endpoints see a lot of malicious apps AMD vulnerable to Spectre v2 Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average user can access 17 million files. Varonis reduces your blast radius in days, not years. Combined with advanced detection that monitors every file touch, ransomware doesn't stand a chance. Learn more at www.varonis.com/cisoseries.

Ubisoft changes employee passwords after "cyber security incident" Cyber Command chief tells Congress chip shortage has national security implications LockBit claims hack on Bridgestone tires Thanks to our episode sponsor, Varonis On average, an employee can access 17 million files on day one. Varonis will show you where critical data is vulnerable, detect anomalies, and automatically right-size privileges to get you to "Zero Trust." Their data security platform can test your ransomware readiness and show you where you stack up. Learn more at www.varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Mar 7 – 11, is hosted by Rich Stroffolino with our guest, Anshu Gupta, Investor, Silicon Valley CISO Investments Thanks to our sponsor, Torq Security Automation Myth 5: You Should Automate All Security Processes False. You should automate routine, repetitive tasks that are not subject to much conditional variance. But workflows that can't be reliably managed by automation tools, such as assessing the financial consequences of a breach or determining whether a security incident should trigger an application rollback, should remain the domain of humans. To learn more about the realities of automation, head to torq.io. All links and the video of this episode can be found on CISO Series.com

Russia creates its own TLS certificate authority to bypass sanctions Online sleuths are using face recognition to ID Russian soldiers Basic text-color trick can fool phishing filters There are many misconceptions about security automation, so today's episode sponsor Torq is debunking a security automation myth each day this week. Myth 5: You Should Automate All Security Processes False. You should automate routine, repetitive tasks that are not subject to much conditional variance. But workflows that can't be reliably managed by automation tools, such as assessing the financial consequences of a breach or determining whether a security incident should trigger an application rollback, should remain the domain of humans. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, head to CISOseries.com.

Chipmakers warn of new speculative execution bugs US worked to shore up Ukraine's cyber defense in 2021 Twitter Tor service launches There are many misconceptions about security automation, so today's episode sponsor Torq is debunking a security automation myth each day this week. Myth 4: Automation Will Replace Skilled Security Professionals Not true. Any business that attempts to automate security will quickly find that most high-stakes security issues are far too complex to be detected and remediated by automation tools alone. Human security professionals need to take the lead delivering nuanced insight about the business impact of a large-scale breach. To learn more about the realities of automation, head to torq.io.

Google to purchase cybersecurity firm Mandiant for $5.4 billion Security vendors help infrastructure orgs protect against Russian cyberattacks Russian VPN demand soars amidst social media crackdown There are many misconceptions about security automation, so today's episode sponsor Torq is debunking a security automation myth each day this week. Myth 3: Only Enterprises Need Security Automation Debunked. While enterprises with thousands of endpoints and sprawling teams certainly need automation, businesses of all sizes face challenges related to other forms of scale when it comes to security. For instance, there are about 1 billion known types of malware in existence, and they imperil businesses of all sizes equally. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, head over to CISOseries.com

Leaked Nvidia data used in malware Russia says it's okay to download a car Sharkbot takes a bite out of the Play Store There are many misconceptions about security automation, so today's episode sponsor Torq is debunking a security automation myth each day this week. Myth 2: Security Automation Is Just a New Term for Automated Security Testing Wrong. While scanning and testing may be one example of a security automation use case, it's hardly the only one. Automation can be used to do things like help manage complex security workflows and optimize collaboration between different stakeholders. These are tasks that were not traditionally automated. To learn more about the realities of automation, head to torq.io.

Charities and NGOs that provide support to Ukraine hit by malware 'Most advanced' China-linked backdoor ever raises alarms for cyber-espionage investigators Hackers allegedly leak Samsung data, source code There are many misconceptions about security automation, so today's episode sponsor Torq is debunking a security automation myth each day this week. Myth 1: Automation Is Only a Reactive Part of SecOps Incorrect. Proactive management of security incidents is just as important, like automatically scanning IaC configurations to detect vulnerabilities, automating collaboration between devs, IT ops and SecOps to prevent risks before they're threats. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Feb 28-Mar 4, is hosted by Rich Stroffolino with our guest, Ody Lupescu, CISO, Ethos Life Thanks to our episode sponsor, Torq There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 5: You Should Automate All Security Processes False. You should automate routine, repetitive tasks that are not subject to much conditional variance. But workflows that can't be reliably managed by automation tools, such as assessing the financial consequences of a breach or determining whether a security incident should trigger an application rollback, should remain the domain of humans. To learn more about the realities of automation, head to torq.io. All links and the video of this episode can be found on CISO Series.com

Cyberattack attempts on Ukraine surge tenfold Ukraine's "IT army" targets Belarus railway network, Russian GPS Eight-character passwords can be cracked in less than 60 minutes There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 5: You Should Automate All Security Processes False. You should automate routine, repetitive tasks that are not subject to much conditional variance. But workflows that can't be reliably managed by automation tools, such as assessing the financial consequences of a breach or determining whether a security incident should trigger an application rollback, should remain the domain of humans. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, head to CISOseries.com.

Conti and Trickbot code leaks API attacks surge in 2021 Log4Shell still being used in the wild There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 4: Automation Will Replace Skilled Security Professionals Not true. Any business that attempts to automate security will quickly find that most high-stakes security issues are far too complex to be detected and remediated by automation tools alone. Human security professionals need to take the lead delivering nuanced insight about the business impact of a large-scale breach. To learn more about the realities of automation, head to torq.io.

Russia-Ukraine War update Nvidia confirms company data was stolen in hack Half of employees use unauthorized file services at work There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 3: Only Enterprises Need Security Automation Debunked. While enterprises with thousands of endpoints and sprawling teams certainly need automation, businesses of all sizes face challenges related to other forms of scale when it comes to security. For instance, there are about 1 billion known types of malware in existence, and they imperil businesses of all sizes equally. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, go to cisoseries.com

Toyota suspends Japanese production due to cyberattack Microsoft providing threat intelligence to Ukraine Twitter to label tweets from state-owned media There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 2: Security Automation Is Just a New Term for Automated Security Testing Wrong. While scanning and testing may be one example of a security automation use case, it's hardly the only one. Automation can be used to do things like help manage complex security workflows and optimize collaboration between different stakeholders. These are tasks that were not traditionally automated. To learn more about the realities of automation, head to torq.io.

Ukraine recruits volunteer IT army to hack list of Russian entities Russia demands Google restore access to its media YouTube channels in Ukraine Chipmaker giant Nvidia hit by ransomware attack There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 1: Automation Is Only a Reactive Part of SecOps Incorrect. Proactive management of security incidents is just as important, like automatically scanning IaC configurations to detect vulnerabilities, automating collaboration between devs, IT ops and SecOps to prevent risks before they're threats. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Feb 21-25, is hosted by Rich Stroffolino with our guest, Mark Eggleston, CISO, CSC Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register. All links and the video of this episode can be found on CISO Series.com

Cyberattacks accompany Russian military assault on Ukraine Putin's government warns Russian critical infrastructure of potential cyberattacks Manufacturing was the top industry targeted by ransomware last year Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register. For the stories behind the headlines, head to CISOseries.com.

Samsung shipped devices with flawed encryption New York state gets cybersecurity center Microsoft Defender adds support for GCP Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register.

IRS is allowing taxpayers to opt out of facial recognition UK Defence Secretary warns Russia of cyber-retaliation Slack confirms outage for some users Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register. For the stories behind the headlines, head to cisoseries.com

Researches find decryption for Hive ransomware In the Google Play Store, no one can hear you scream Linux leads in patching speeds Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register.

White House attributes Ukraine DDoS incidents to Russia's GRU Master key for Hive ransomware retrieved using a flaw in its encryption algorithm New phishing campaign targets Monzo online-banking customers Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register. For the stories behind the headlines, head to CISOseries.com.

Link to Blog Post This week's Cyber Security Headlines – Week in Review, Feb 14-18, is hosted by Rich Stroffolino with our guest, Mike Hanley, CSO, GitHub Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, and pentest automation to improve communication and collaboration. PlexTrac upgrades your program's capabilities by making the most of every team member and tool. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! All links and the video of this episode can be found on CISO Series.com

DOJ beefs up efforts to combat criminal use of cryptocurrencies Canada's major banks go offline in mysterious hours-long outage Hackers slip into Microsoft Teams chats to distribute malware Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, and pentest automation to improve communication and collaboration. PlexTrac upgrades your program's capabilities by making the most of every team member and tool. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com.

State-sponsored hackers hits defense contractors Unskilled hacker targeted aviation industry for years Privacy Sandbox heading to Android Thanks to our episode sponsor, PlexTrac Solve your talent shortage with PlexTrac. Use PlexTrac to automate security tasks and workflows to keep your red, blue, and purple teams focused on the real security work. Gain precious time back in your team's day and improve their morale by making them more effective with PlexTrac. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

Cyberattacks take down Ukrainian military and bank websites Super Bowl ad shines a light on QR code risks CISA directs agencies to patch actively exploited Chrome and Magento bugs Thanks to our episode sponsor, PlexTrac PlexTrac is the solution to deal with your data. Aggregate findings from all assessments to produce the analytics needed to make informed decisions. Produce data visualizations and add them to reports with one click to communicate effectively to leadership. PlexTrac is the premier product for security data management. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, visit cisoseries.com

FTC warns VoIP providers about robocalls SEC outlines new cybersecurity rules for investment firms Rampant plagiarism hits NFT marketplace Thanks to our episode sponsor, PlexTrac Gain a real-time view of security posture with PlexTrac by consolidating scanner findings, assessments, and bug bounty tools. Visualize your posture in the Analytics Module to quickly assess and prioritize, creating a more effective workflow. Map risks to the MITRE ATT&CK framework to create a living risk register. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

San Francisco 49ers hit by Blackbyte ransomware attack Linux malware attacks are on the rise, and businesses aren't ready for it Fake Windows 11 upgrade installers deliver RedLine malware Thanks to our episode sponsor, PlexTrac PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize analytics, and collaborate on remediation in real-time. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to CISOseries.com.