Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
The company aims to fight bad APIs with XDR (Extended Detection and Response) techniques such as precise behavioral analytics. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]
Google joins Apple and Microsoft in warning about zero-day flaws being exploited in the wild. This time the target is the popular Google Chrome browser. [Read More]
Apple ships fixes for a pair of iOS and macOS security defects alongside a warning that these issues belong in the “actively exploited” zero-day category. [Read More]
Hackers leaked online credentials stolen from 87,000 VPN devices, affecting roughly 22,500 victims worldwide, including nearly 3,000 in the United States. [Read More]
Tenable makes its priciest acquisition to date and expands its product portfolio with capabilities to detect security problems in code before they become operational security risks. [Read More]
Users will have an end-to-end encryption option when choosing to store their backups in Google Drive or iCloud. [Read More]
- 1 of 78
- ››
FEATURES, INSIGHTS // Application Security
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.
- 1 of 10
- ››
Get the Daily Briefing
- UK-Based Threat Detection Firm SenseOn Raises $20 Million
- Controversial Web Host Epik Confirms Customer Data Exposed in Breach
- VMware Confirms In-the-Wild Exploitation of vCenter Server Vulnerability
- Encrypted Messaging App Signal Hit by Brief Outage
- Chrome 94 Update Patches Actively Exploited Zero-Day Vulnerability
- Threat Actor Targets Indian Government With Commercial RATs
- States at Disadvantage in Race to Recruit Cybersecurity Pros
- EU Denounces Alleged Russian Hacking Ahead of German Vote
- FamousSparrow Cyberspies Exploit ProxyLogon in Attacks on Governments, Hotels
- Google Says Threat Actors Using New Code Signing Tricks to Evade Detection
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy