Application Security News and Articles


DEF CON 32 – Grand Theft Actions Abusing Self Hosted GitHub Runners

Authors/Presenters: Adnan Khan, John Stawinski Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention ...

DEF CON 32 – Laundering Money

Author/Presenter: Michael Orlitzky Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via ...

Is Your Company’s Website Compromising Customer Data?

If you are a security, compliance, and privacy professional, it’s time to focus on an often-ignored issue—client-side security. While many organizations dedicate significant resources to protecting their servers, there’s a critical question ...

Navigating the Future of Secure Code Signing and Cryptography

In today’s interconnected world, the integrity of software has never been more critical. With the increasing reliance on open-source components and the complexities introduced by containerized applications, ensuring trust in software has become ...

Feel Secure: Integrating Custom Secrets Vaults

Understanding the Significance of Non-Human Identities “How secure are your machine identities?” This is a question that many organizations may not be adequately considering, leaving a critical gap in their cybersecurity strategy. Within the ...

Feel Reassured with Advanced Secrets Rotation Strategies

Why Does Secrets Rotation Matter in Today’s Cyberspace? In the dynamic landscape of data security, one question haunts every professional – how secure are our systems? A critical aspect of answering this query rests on an effective management ...

Scaling Security: Effective Secrets Sprawl Management

Can Effective Secrets Sprawl Management Scale Security? Every organization aims to meet its ever-evolving cybersecurity needs. Is secrets sprawl management the key to unlocking this potential? A scalable security strategy can indeed be ...

Building Trust in Cloud Security with AI

How High is Your Trust in Cloud Security? In the current digital age where data is the new oil, establishing trust in cloud security is paramount. This trust isn’t solely between the service providers and the users but extends to the trust in ...

Stay Ahead: Key Trends in API Security Management

Are You Prepared for the Rising Trends in API Security Management? In the evolving landscape of cyber threats, staying informed about emerging trends in Application Programming Interface (API) security is crucial. One key trend shaping ...

The Rise of Agentic AI: How Hyper-Automation is Reshaping Cybersecurity and the Workforce

As artificial intelligence evolves, its impact on cybersecurity and the workforce is profound and far-reaching. Predictive AI once enabled security teams to anticipate threats, and generative AI brought creativity and automation to new levels. ...

Top cyber attacks of 2024: Lessons from the year’s biggest breaches

The cyber attacks of 2024 were memorable to say the least. This year, cybercriminals targeted critical industries and high-profile organizations, using increasingly sophisticated tactics to exploit ...

OSS in the crosshairs: Cryptomining hacks highlight key new threat

A dozen packages associated with the popular, open source projects rspack and vant were compromised this week by threat actors who implanted malicious, crypto-mining code in packages with hundreds of thousands of weekly downloads.

Will AI Drive Efficiency and Budget Growth? Risks, Rewards & Reality

The post Will AI Drive Efficiency and Budget Growth? Risks, Rewards & Reality appeared first on AI-Enhanced Security Automation.

Tonic.ai product updates: December 2024

Sensitivity detection Confidence Levels arrive in Structural, customize entity detection in Textual, + shop for Tonic on Google Cloud Marketplace! The post Tonic.ai product updates: December 2024 appeared first on Security Boulevard.

Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnaravi – #317 – Paywall

via the respected Software Engineering expertise of Mikkel Noe-Nygaard and the lauded Software Engineering / Enterprise Agile Coaching work of Luxshan Ratnaravi at Comic Agilé!

Log4Shell Vulnerability | Why it Still Exists and How to Protect Yourself | Contrast Security

Three years ago, Log4Shell was the worst holiday gift ever for security teams, particularly given that it was wrapped in a CISA order to patch by Christmas Eve.

AI-Powered Actions Cybersecurity Leaders Are Taking to Outwit Bad Actors

As a cybersecurity executive, your job is clear: protect business operations, safeguard consumers and ensure the security of your employees. But in today’s rapidly evolving threat landscape, these responsibilities are more challenging than ...

Diamond Bank Addresses Spoof Websites

Diamond Bank is a community bank with 14 branches and thousands of customers in the Southwest Arkansas region. The bank celebrated its 120th anniversary in 2024 and takes great pride in its longevity and connection to the community. Spoof Website ...

Impart is now available in the AWS Marketplace | Impart Security

Today, we are thrilled to announce that Impart is now available in the AWS Marketplace. More Streamlined Contracting AWS customers with existing spend commitments can apply their Impart purchase toward their AWS commitment. This availability ...