Application Security News and Articles


The hidden threat: Tackling malware in your software supply chain

The value of open source is undeniable — 90% of all modern software development depends on it. According to Harvard Business School, in 2024 alone, more than 6 trillion open source software components were downloaded, representing almost $9 ...

DEF CON 32 – War Stories – Why Are You Still Using My Server For Your Internet Access

Author/Presenter: Thomas Boejstrup Johansen. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention ...

AI Asset Inventories: The Only Way to Stay on Top of a Lightning-fast Landscape

Unauthorized AI usage is a ticking time bomb. A tool that wasn’t considered a risk yesterday may introduce new AI-powered features overnight. The post AI Asset Inventories: The Only Way to Stay on Top of a Lightning-fast Landscape appeared ...

Getting the Most Value Out of the OSCP: The PEN-200 Course

In this second post of a five-part series, I provide advice on how to best utilize the PEN-200 course material for a successful career in ethical hacking. Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the ...

Prioritizing data and identity security in 2025

To say that the cybersecurity landscape has grown more complex over the past several years would be a dramatic understatement. Attackers have more resources at their fingertips than ever, and data breaches have become almost a daily occurrence. ...

Rubrik strengthens protection for cloud, SaaS, and on-premises environments

In its ongoing commitment to deliver comprehensive cyber resiliency, Rubrik announced innovations designed to enhance protection for cloud, SaaS, and on-premises environments. The innovations aim to provide customers with even more ability to ...

Cybersecurity Risks in 2025

Cyber threats in 2025 will constantly evolve, with cybercriminals using both new and old vulnerabilities. Here are the risks expected in 2025. The post Cybersecurity Risks in 2025 appeared first on Security Boulevard.

Red Canary expands Security Data Lake to help organizations optimize their SIEM costs

Red Canary announced new capabilities for Red Canary Security Data Lake, a service that enables IT and security teams to store, search, and access large volumes of infrequently accessed logs—such as firewall, DNS, and SASE data—without ...

Identity Verification — The Front Line to Workforce Security 

Enterprises can protect their workforce and critical systems without creating unnecessary barriers, striking the perfect balance between security and usability. The post Identity Verification — The Front Line to Workforce Security appeared ...

Introducing Mend AI Premium

Robust AI governance and threat detection with Mend AI Premium. The post Introducing Mend AI Premium appeared first on Security Boulevard.

Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations

Misconfigurations are the cause of most cloud breaches. Aryon is on a mission to prevent them. The post Aryon Security Debuts With Platform to Prevent Cloud Misconfigurations appeared first on SecurityWeek.

eBook: What does it take to be a full-fledged virtual CISO?

Virtual Chief Information Security Officer (vCISO) services are in high demand. Even though it is clear to all that this trend is growing, most service providers only offer a portion of overall CISO duties. Many ask themselves “Can we offer ...

Creating Elegant Azure Custom Roles: Putting NotActions into Action!

Creating custom Roles in Azure can be a complex process that may yield long and unwieldy Role definitions that are difficult to manage. However, it doesn’t have to be that way. Read on to learn how you can simplify this process using the Azure ...

Proactive Security: Navigating HIPAA’s Proposed Risk Analysis Updates

NOTE: This article discusses proposed changes to existing regulations. These changes are not in effect as of this article’s date […] The post Proactive Security: Navigating HIPAA’s Proposed Risk Analysis Updates appeared first on ...

Polish Space Agency Hit by Cyberattack

The Polish space agency POLSA says it has disconnected its network from the internet to contain a cyberattack. The post Polish Space Agency Hit by Cyberattack appeared first on SecurityWeek.

Jamf to Acquire Identity Automation for $215 Million

Apple device management firm Jamf has entered into an agreement to acquire IAM platform Identity Automation. The post Jamf to Acquire Identity Automation for $215 Million appeared first on SecurityWeek.

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek.

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek.

Veriti Research Uncovers Malware Exploiting Cloud Services 

Veriti Research has identified a growing trend – attackers leveraging cloud infrastructure to facilitate malware distribution and command-and-control (C2) operations. This evolving tactic not only makes detection more challenging but also ...

Google Patches Pair of Exploited Vulnerabilities in Android

Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek.