Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
According to data from Tenable, more than 70 percent of global organizations remain vulnerable to the Log4Shell flaw as of October this year. [Read More]
Sphere Technology Solutions, a New Jersey startup building technology to help defenders clean up excessive and unnecessary access, raises a $31 million Series B round. [Read More]
Google researchers call attention to the ongoing “patch-gap” problem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices. [Read More]
Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
CloudSEK warns of thousands of applications leaking Algolia API keys, including tens with hardcoded admin keys, potentially exposing data of millions of users. [Read More]
CISA, NSA, and ODNI have released recommendations on how customers can help secure the software supply chain. [Read More]
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
OpenSSF has announced the adoption of S2C2F, a Microsoft-built framework defining how open source software can be securely consumed. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
- 1 of 121
- ››
FEATURES, INSIGHTS // Application Security
AppSec is key to protecting production workloads from modern threats, but there are still too many silos and too much friction in existing implementations.
By understanding how to identify, isolate, and remove unwanted bot and fraud traffic, enterprises can remove the noise clouding the visibility they have into their online applications.
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
- 1 of 10
- ››
Get the Daily Briefing
- Interpres Security Emerges From Stealth Mode With $8.5 Million in Funding
- Healthcare Organizations Warned of Royal Ransomware Attacks
- Cisco Working on Patch for Publicly Disclosed IP Phone Vulnerability
- LF Electromagnetic Radiation Used for Stealthy Data Theft From Air-Gapped Systems
- SOHO Exploits Earn Hackers Over $100,000 on Day 3 of Pwn2Own Toronto 2022
- Over 4,000 Vulnerable Pulse Connect Secure Hosts Exposed to Internet
- EU Court: Google Must Delete Inaccurate Search Info If Asked
- Removing the Barriers to Security Automation Implementation
- Apple Scraps CSAM Detection Tool for iCloud Photos
- Vulnerabilities Allow Researcher to Turn Security Products Into Wipers
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy