Application Security News and Articles


Strengthening Cyber Resilience: A Milestone Partnership

As the CEO of HYAS, I am thrilled to announce a pivotal partnership with ZainTECH, a trailblazer in integrated digital solutions and part of the esteemed Zain Group. This collaboration signifies a significant step forward in our shared mission to ...

Gurucul federated search provides insights into data that is not centralized

Gurucul announced enhancements to its federated search capabilities. Gurucul federated search empowers users to run queries from a single console across any data source, including data lakes, cloud object storage, databases, identity systems, ...

Understanding the Different Types of Audit Evidence

Audit evidence lies at the heart of cybersecurity audits and assessments, providing tangible proof of an organization’s adherence to cybersecurity measures.  Being secure is not merely about having a secure infrastructure; it’s about ...

Stale Accounts in Active Directory

What are Stale Accounts in Active Directory? Accounts that have not been used in the past six months and are no longer necessary. Stale accounts are often inactive user accounts. They are an account from a user who no longer works there that was ...

Why Understanding Your Open Source Licenses Matters

Fully understanding open-source licenses is crucial for your projects and organization. Let's look at where these licenses come from and how they can impact your applications. The post Why Understanding Your Open Source Licenses Matters appeared ...

AuditBoard expands executive team to support the next phase of growth

AuditBoard announced it has brought on public SaaS company veteran Jeff Harper as Chief Human Resources Officer (CHRO) to help scale the organization and infrastructure, continue to attract and retain exceptional talent, and steward ...

DAST is dead, why Business Logic Security Testing takes center stage

DAST is dead, discover why business logic security testing takes center stage. The post DAST is dead, why Business Logic Security Testing takes center stage appeared first on Security Boulevard.

Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)

The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vulnerabilities, two of which (CVE-2024-29204, CVE-2024-24996) are critical and may allow a remote ...

Roku experiences another data breach; Apple notifies users about mercenary spyware attacks

It’s rare to see a data breach study observers call a “mixed bag.” Normally, reports on data breaches are grim, touting how each year was a record high for the number of data breach incidents and victims, so when one of those figures goes ...

April Product Update

The CyberSaint team is dedicated to providing new features to CyberStrong and advancing the CyberStrong cyber risk management platform to address all your cybersecurity needs. These latest updates will empower you to customize assessment ...

OnlyFans Filter: A New Frontier in School Safety and CIPA Compliance

TikTok, YouTube, Instagram — the list goes on. Every day, K-12 IT departments are contending with an ever-growing number of social media sites, each with its own set of challenges. However, none are quite as dangerous as OnlyFans. In this blog, ...

Immuta launches Domains policy enforcement to improve security and governance for data owners

Immuta launched Domains policy enforcement, a new capability in the Immuta Data Security Platform that provides additional controls for data owners to implement a data mesh architecture with domain-specific data access policies. Centralizing data ...

Redgate Monitor Enterprise prevents unauthorized access to sensitive information

Redgate has launched an enterprise version of its popular database monitoring tool, providing a range of new features to address the challenges of scale and complexity faced by larger organizations. Redgate Monitor Enterprise offers advanced ...

What is certificate discovery and why is it important?

Digital certificates ensure cybersecurity, but visibility into inventory is crucial. Explore certificate discovery's role in effective CLM. The post What is certificate discovery and why is it important? appeared first on Security Boulevard.

SAS unveils products and services to help customers embrace AI

SAS is launching new AI products and services to improve AI governance and support model trust and transparency. Model cards and new AI Governance Advisory services will help organizations navigate the turbulent AI landscape, mitigating risk and ...

Authorities take down LabHost, phishing-as-a-service platform

Law enforcement from 19 countries severely disrupted one of the world’s largest phishing-as-a-service platform, known as LabHost. This year-long operation, coordinated at the international level by Europol, resulted in the compromise of ...

WebLogic T3/IIOP Information Disclosure Vulnerability (CVE-2024-21006/CVE-2024-21007)

Overview Recently, NSFOCUS CERT detected that Oracle has released a security announcement and fixed two information disclosure vulnerabilities (CVE-2024-21006/CVE-2024-21007) in Oracle WebLogic Server. Due to the defects of T3/IIOP protocol, ...

Cisco Taps AI and eBPF to Automate Security Operations

Cisco today launched a framework that leverages artificial intelligence (AI) to test a software patch in a digital twin running on an endpoint to make sure an application doesn’t break before actually deploying it. Jeetu Patel, executive vice ...

Rethinking Identity Threat Detection: Don’t Rely on IP Geolocation

SOC teams frequently look to the IP geolocation to determine whether an alert or activity poses a genuine threat.  However, with the changing threat landscape, relying solely on this information is no longer sufficient. In this blog post, we ...

A Pandora’s Box: Unpacking 5 Risks in Generative AI

A Pandora's Box: Unpacking 5 Risks in Generative AI madhav Thu, 04/18/2024 - 05:07 Generative AI (GAI) is becoming increasingly crucial for business leaders due to its ability to fuel innovation, enhance personalization, automate content ...