Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Users will have an end-to-end encryption option when choosing to store their backups in Google Drive or iCloud. [Read More]
OpenSSL 3.0 has finally been released — it took 3 years, 17 alpha releases, two beta releases and more than 7,500 commits and contributions. [Read More]
Cisco warns that these vulnerabilities could be exploited by attackers to reboot devices, elevate privileges, or overwrite and read arbitrary files. [Read More]
A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization. [Read More]
GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks. [Read More]
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation. [Read More]
Microsoft patches a vulnerability in Azure Container Instances that could allow access to other customers’ information. [Read More]
TrueFort, which provides an application visibility and protection platform, has closed a $30 million Series B funding round led by Shasta Ventures. [Read More]
Zoho confirms attacks against an authentication bypass vulnerability in its ADSelfService Plus product. [Read More]
Howard University closed its physical campus and canceled classes this week after experiencing a ransomware attack. [Read More]
- 1 of 77
- ››
FEATURES, INSIGHTS // Application Security
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.
- 1 of 10
- ››
Get the Daily Briefing
- Regular Users Can Now Remove Password From Their Microsoft Account
- Cloud Backup Company Rewind Raises $65 Million
- Severe Vulnerabilities Could Expose Thousands of Azure Users to Attacks
- 3 Former US Officials Charged in UAE Hacking Scheme
- SAP Patches Critical Vulnerabilities With September 2021 Security Updates
- ICS Patch Tuesday: Siemens, Schneider Electric Address Over 40 Vulnerabilities
- Zoom Introduces End-to-End Encrypted Phone Calls
- The Ongoing Reciprocal Relationship Between APTs and Cybercriminals
- Cobalt Strike Beacon Reimplementation 'Vermilion Strike' Targets Windows, Linux
- General Promises US 'Surge' Against Foreign Cyberattacks
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy