Application Security News and Articles


USENIX Security ’23 – Sparsity Brings Vulnerabilities: Exploring New Metrics in Backdoor Attacks

Authors/Presenters: Jianwen Tian, Kefan Qiu, Debin Gao, Zhi Wang, Xiaohui Kuang, Gang Zhao. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong commitment to Open ...

Beyond Detection: Enhancing Your Security Posture with Predictive Cyberthreat Insights

The goal of cybersecurity is not just to respond to today’s threats but to anticipate tomorrow’s challenges. I recently had an enlightening conversation with Christopher Budd, Director of Sophos X-Ops Intelligence, to delve into the concept ...

How To Respond To An AWS Key Honeytoken Trigger: A Detailed Guide

Learn how to effectively respond to an AWS key honeytoken trigger with this step-by-step guide. Investigate the incident, identify the leak source, secure your environment, and leverage OSINT techniques to protect your AWS infrastructure. The ...

Proven Methods for the Quiet Security Professional To Own Their Narrative

Hear from Ontic Co-Founder, Tom Kopecky, and President of Exlog Global, George Taylor, on how security leaders can articulate the bigger picture to the rest of the business. Having worked with many men and women in the security profession who ...

Sentry, GitHub Use AI to Help Fix Coding Errors

Developers are getting more help detecting and addressing bugs in their code through new AI-based tools that Sentry.io and GitHub each introduced this week. Sentry unveiled the beta of Autofix, a feature that uses the company’s machine learning and ...

USENIX Security ’23 – A Data-Free Backdoor Injection Approach In Neural Networks

Authors/Presenters: Peizhuo Lv, Chang Yue, Ruigang Liang, Yunfei Yang, Shengzhi Zhang, Hualong Ma, Kai Chen. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization’s strong ...

DataDome Releases Ruby Server-Side Integration

Our new Ruby server-side integration is the latest in a range of 50+ integrations that ensure DataDome stops bad bots & fraud on any infrastructure. The post DataDome Releases Ruby Server-Side Integration appeared first on Security Boulevard.

The AI Advantage: Mitigating the Security Alert Deluge in a Talent-Scarce Landscape

The cybersecurity landscape is under siege. Organizations are bombarded by a relentless barrage of security alerts, often exceeding a staggering 22,111 per week on average. While Artificial Intelligence (AI) has emerged as a powerful tool to ...

How to Strengthen Cybersecurity in the Healthcare Industry

Lessons from the Change Healthcare Cyberattack: Strengthening Cybersecurity Measures in the Healthcare Industry. Change Healthcare, one of the major players in the healthcare industry, was recently hit by a cyberattack that caused significant ...

AttackIQ Ready! 2.0 enables organizations to validate their cyber defense

AttackIQ announced AttackIQ Ready! 2.0, a managed breach and attack simulation-as-a-service that combines fully automated and on-demand adversary emulation testing that enables organizations to validate their cyber defense. While continuous ...

Vishal Rao joins Skyhigh Security as CEO

Skyhigh Security announced that it has appointed Vishal Rao as the organization’s next CEO. Rao will succeed former Skyhigh Security CEO Gee Rittenhouse, effective immediately. Rao brings an extensive background in the enterprise software ...

The art and science of product security: A deep dive with Jacob Salassi

Discover the main takeaways from our conversation on product security with Jacob Salassi, Director of Product Security at Snowflake. The post The art and science of product security: A deep dive with Jacob Salassi appeared first on Security ...

New Strata Cookbook and Identity Orchestration Recipes Automate Microsoft Active Directory Modernization and Coexistence with Microsoft Entra ID

Maverics platform enables organizations to move applications from AD to cloud-based Entra ID and extend Entra ID to on-prem apps without any code changes or browser plug-in agents. BOULDER, Colo., March 21, 2024 – Strata Identity, the Identity ...

Authoring Automated Attacks with ChatGPT (or any Generative AI)

Basic API Interrogation. During my time here at Cequence, I have been impressed with the attackers we face. Often, they have almost nothing to go on and must figure out how each piece of their attack is going to work. Sometimes it is finding an ...

IoT Consumer Labeling Goes Global – What This Means for Vendors and Consumers

IoT producers must comprehend the relevant rules, consult legal and technological experts and evaluate cybersecurity procedures. The post IoT Consumer Labeling Goes Global – What This Means for Vendors and Consumers appeared first on Security ...

Apricorn releases 24TB hardware encrypted USB drive

Apricorn released a 24TB version of its Aegis Padlock DT and Padlock DT FIPS Desktop Drives. Apricorn brings a 24TB encrypted drive to market, delivering high performance and mass capacity to industries such as healthcare, financial services, ...

Safeguarding Patient Data with HITRUST Compliance: A Comprehensive Guide for Healthcare Technology Companies

Healthcare organizations increasingly rely on technology to store, manage, and transmit sensitive patient information. As a result, safeguarding patient data against cyber threats and ensuring compliance with regulatory standards is critical, and ...

Veritas Backup Exec enhancements protect SMBs’ critical data

Veritas Technologies announced enhancements to Veritas Backup Exec, the unified backup and recovery solution. The latest updates include malware detection capabilities, role-based access control and additional optimizations for fast backup and ...

LogicGate introduces cyber and operational risk suite offerings

LogicGate announces the new Cyber Risk Suite and Operational Risk Suite offerings, providing enterprises with purpose-built integrated solutions to efficiently and effectively optimize their Enterprise Risk Management (ERM) and cyber risk ...

Memory-safe languages and security by design: Key insights, lessons learned

For more than 50 years, software engineers have struggled with memory vulnerabilities, but it has only been in recent times that serious efforts have been undertaken to get a handle on the problem. One of the leaders in memory safety, Google, has ...