Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
Application security startup ArmorCode raises $14 million in Series A funding round led by Ballistic Ventures. [Read More]
BoostSecurity has emerged from stealth mode with a DevSecOps automation platform and $12 million in seed funding. [Read More]
Bishop Fox has raised more than $154 million in lifetime funding to build and market technology for continuous attack surface management. [Read More]
New NSA guidance details common software memory safety issues and their exploitation, and shares information on how organizations can protect against these flaws. [Read More]
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
API security company Wib has announced launching its platform and raising $16 million to enhance its product and for international growth. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
- 1 of 121
- ››
FEATURES, INSIGHTS // Application Security
AppSec is key to protecting production workloads from modern threats, but there are still too many silos and too much friction in existing implementations.
By understanding how to identify, isolate, and remove unwanted bot and fraud traffic, enterprises can remove the noise clouding the visibility they have into their online applications.
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
- 1 of 10
- ››
Get the Daily Briefing
- US Bans Huawei, ZTE Telecoms Gear Over Security Risk
- EU Parliament Website Attacked After MEPs Slam Russian 'Terrorism'
- Proofpoint: Watch Out for Nighthawk Hacking Tool Abuse
- Cross-Tenant AWS Vulnerability Exposed Account Resources
- Facebook Parent Meta Links Influence Campaign to US Military
- Microsoft Warns of Boa Web Server Risks After Hackers Target It in Power Grid Attacks
- CISA Updates Infrastructure Resilience Planning Framework
- Multi-Purpose Botnet and Infostealer 'Aurora' Rising to Fame
- Leaked Algolia API Keys Exposed Data of Millions of Users
- BMC Firmware Vulnerabilities Expose OT, IoT Devices to Remote Attacks
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy