Application Security News and Articles


Veeam Software Appliance boosts data protection

Veeam Software announced its fully pre-built, pre-hardened software appliance: the new Veeam Software Appliance. Built to give IT teams instant protection without complexity, the appliance eliminates the friction of manual setup, OS patching, ...

Cato Networks Acquires AI Security Firm Aim Security

Founded in 2022 to help organizations with the secure deployment of generative-AI utilities, Aim emerged from stealth in January 2024. The post Cato Networks Acquires AI Security Firm Aim Security appeared first on SecurityWeek.

Data masking and data governance: Ensuring data integrity

Safeguarding data is a fundamental function of data governance—and that extends to the data used by developers. But how do you maintain test data utility when masking sensitive information? The post Data masking and data governance: Ensuring ...

Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise

Cloudflare has also been affected by the Salesloft Drift breach, the US web infrastructure and security company confirmed on Tuesday, and the attackers got their hands on 104 Cloudflare API tokens. “We have identified no suspicious activity ...

Synack + Tenable: AI-Powered Partnership Translates Vulnerability Insights into Action

The combined Synack/Tenable solution reduces alert noise for overloaded security teams, isolating the most exploitable threats so they can proactively close security gaps faster.

The Full Lifecycle Imperative: Why “Shift Left” Must Meet “Shift Right”

In this series, we examined the vital connection between AI and APIs, highlighting what makes a leader in the API security market through the 2025 KuppingerCole Leadership Compass. Now, we turn to the core strategy of true API security: the ...

Hacker Conversations: McKenzie Wark, Author of A Hacker Manifesto

Known for her seminal book, A Hacker Manifesto, Wark reframes hacking as a cultural force rooted in play, creativity, and human nature. The post Hacker Conversations: McKenzie Wark, Author of A Hacker Manifesto appeared first on SecurityWeek.

Continuous Zero Trust Authentication

Credential Integrity Must Be Ongoing. Trust used to be something you gave once. A user would log in, pass a password check or multi-factor prompt, and from that point forward, they were considered safe. Unfortunately, that assumption no longer ...

Pennsylvania Attorney General Confirms Ransomware Behind Weeks-Long Outage

Attack disrupted email, phones, and websites for weeks, but officials say no ransom was paid. The post Pennsylvania Attorney General Confirms Ransomware Behind Weeks-Long Outage appeared first on SecurityWeek.

Indirect Prompt Injection Attacks Against LLM Assistants

Really good research on practical attacks against LLM agents. “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous” Abstract: The growing integration of LLMs into ...

How Strong Device Policies Can Help Solve Your Shadow IT Problem

Remote work fuels Shadow IT risks. Learn how to manage USBs and portable storage with encryption, EDR, and policies that balance security with usability. The post How Strong Device Policies Can Help Solve Your Shadow IT Problem appeared first on ...

Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack

British automobile manufacturer Jaguar Land Rover (JLR) is scrambling to restore applications and operations that were impacted by a cyberattack. In a brief notice on Tuesday, the company said it disconnected its systems, which severely impacted ...

Security Firms Hit by Salesforce–Salesloft Drift Breach

Hackers accessed customer contact information and case data from Salesforce instances at Cloudflare, Palo Alto Networks, and Zscaler. The post Security Firms Hit by Salesforce–Salesloft Drift Breach appeared first on SecurityWeek.

The Deepfake CEO Scam: A New Era of Social Engineering Threats

A recent TechRadar Pro article warns of a dramatic rise in deepfake-enabled scams targeting executive leadership—and the numbers are hard to ignore. Over half of cybersecurity professionals surveyed (51%) say their organization has already been ...

Data Breach

In the digital era, data is one of the most valuable assets an organization owns. Customer records, financial transactions, intellectual property, and operational data all power business growth. However, this also makes data a prime target for ...

Insiders, Enhanced: How Generative AI is Changing the Threat Landscape

As artificial intelligence becomes more accessible, a new wave of cybersecurity risk is rising from within: insider threats enhanced by generative AI. According to a recent TechRadar report, security professionals are now more concerned about ...

Will penetration testing disrupt my business operations?

We are often asked by the business leaders and executives we speak to, “Will penetration testing disrupt our business operations?” We frequently hear concerns about downtime, impact to customer services, or unexpected changes to data. These ...

How we detected a CAPTCHA solver in the wild, and what it says about bot defenses

CAPTCHAs are everywhere, and almost universally hated. Whether it's deciphering blurry text or clicking every fire hydrant in a grid, users are routinely interrupted by challenges that are hard to solve and even harder to justify. For most ...

Understanding the Minimum Viable Secure Product

Learn about the Minimum Viable Secure Product (MVSP) approach for Enterprise SSO and CIAM. Balance rapid deployment with essential security for your initial product release. The post Understanding the Minimum Viable Secure Product appeared first ...

Handling Users without Tokens in Passwordless Environments

Discover how to effectively manage users in passwordless environments without relying on tokens. Learn about device authentication, biometrics, and risk-based access control. The post Handling Users without Tokens in Passwordless Environments ...