Application Security News and Articles
The holiday season is a time of joy, celebrations, and—unfortunately—a spike in cybersecurity threats. Cybercriminals often exploit the festive cheer, targeting individuals and organizations distracted by the season’s busyness. This ...
A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results of the hunt Earlier this year, iVerify added a threat hunting feature ...
China's growing presence in the global market for LiDAR, a remote sensing technology widely used in defense and commercial system, presents a national security risk for the United States, which already is dealing with intrusions into critical ...
Learn how AppOmni’s SSPM and Cisco’s SSE create a unified Zero Trust security solution, bridging SaaS and cloud service vulnerabilities to protect critical data.
The post How AppOmni and Cisco Advance Zero Trust SaaS Security appeared first ...
APIs have become the backbone of modern digital ecosystems, powering everything from mobile apps to e-commerce platforms. However, as APIs grow in importance, they also become prime targets for malicious actors. Increasingly, bots are being ...
Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies ...
The European Union's newly revised Product Liability Directive, which holds software producers accountable for defects, could have far-reaching effects on U.S. companies that develop for or supply to the EU market software, digital goods, or ...
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC ...
Fortinet announced FortiAppSec Cloud, a new cloud-delivered platform that integrates key web application security and performance management tools into a single offering. The platform streamlines web and API security, advanced bot defense, and ...
AttackIQ announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience. A growing need for efficient and accurate threat detection As cyber threats grow more ...
Veeam Software released Veeam Data Platform v12.3. This release encompasses three key objectives for enterprises: protecting identity and access management with support for backing up Microsoft Entra ID, powering proactive threat analysis with ...
Elastic announced Elastic Security now offers expanded cloud detection and response (CDR) capabilities from a single SIEM to reduce tool fragmentation and streamline cloud security. The additional features include agentless ingestion, cloud asset ...
Veza announced Veza Access Requests product, enabling organizations to reduce the risk of identity-based threats with automated access policy intelligence for application access. Veza Access Requests ensures that users requesting access are ...
With IoT connectivity expanding, organizations across the industry must grapple with the complexities of securing this vast network of internet-connected “things.”
The post Why Technology Interoperability is the Key to a Safer Internet of ...
42Gears launched SureAccess, a Zero Trust Network Access (ZTNA) solution. This solution reinforces the company’s commitment to enterprise security by ensuring that only authenticated users and verified devices can access corporate resources ...
Building a third-party risk management framework (TPRM) is an ongoing process that requires commitment, resources and continuous improvement.
The post A Strategic Approach to Building a Comprehensive Third-Party Risk Framework appeared first on ...
One of the most alarming methods of attack involves intercepting email attachments during transit, resulting in the theft of personally identifiable information (PII) and other sensitive data.
The post Defending Against Email Attachment Scams ...
Trust is not a one-way street. Employees who trust their organization and leadership are one lane, but the organization must trust its employees, too.
The post Are We Too Trusting of Employees? appeared first on Security Boulevard.
SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by ...
In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights on ...
