Application Security News and Articles


Kali Linux 2025.4: New tools and “quality-of-life” improvements

OffSec has released Kali Linux 2025.4, a new version of its widely used penetration testing and digital forensics platform. Most of the changes are related to appearance and usability: Kali’s GNOME desktop environment now organizes Kali ...

Identity Risk Is Now the Front Door to Enterprise Breaches (and How Digital Risk Protection Stops It Early)

Most enterprise breaches no longer begin with a firewall failure or a missed patch. They begin with an exposed identity. Credentials harvested from infostealers. Employee logins are sold on criminal forums. Executive personas impersonated to ...

Bugcrowd Puts Defenders on the Offensive With AI Triage Assistant 

Bugcrowd unveils AI Triage Assistant and AI Analytics to help security teams proactively defend against AI-driven cyberattacks by accelerating vulnerability analysis, reducing MTTR, and enabling preemptive security decisions.

How researchers are teaching AI agents to ask for permission the right way

People are starting to hand more decisions to AI agents, from booking trips to sorting digital files. The idea sounds simple. Tell the agent what you want, then let it work through the steps. The hard part is what the agent does with personal ...

Prometheus: Open-source metrics and monitoring systems and services

Prometheus is an open-source monitoring and alerting system built for environments where services change often and failures can spread fast. For security teams and DevOps engineers, it has become a common way to track system behavior, spot early ...

Europe’s DMA raises new security worries for mobile ecosystems

Mobile security has long depended on tight control over how apps and services interact with a device. A new paper from the Center for Cybersecurity Policy and Law warns that this control may weaken as the European Union’s Digital Markets Act ...

What types of compliance should your password manager support?

Lost credentials and weak authentication controls still sit at the center of many security incidents. IT leaders and CISOs know this problem well. They also know that regulators watch how organizations protect passwords, track access, and ...

The Hidden Threat in Your Holiday Emails: Tracking Pixels and Privacy Concerns

Join us in the midst of the holiday shopping season as we discuss a growing privacy problem: tracking pixels embedded in marketing emails. According to Proton’s latest Spam Watch 2025 report, nearly 80% of promotional emails now contain ...

Manufacturing is becoming a test bed for ransomware shifts

Manufacturing leaders may feel that ransomware risk has settled, but new data shows the threat is shifting in ways that require attention, according to a Sophos report. A global survey of 332 IT and security leaders outlines how attackers are ...

Fine-Grained Access Control for Sensitive MCP Data

Learn how fine-grained access control protects sensitive Model Context Protocol (MCP) data. Discover granular policies, context-aware permissions, and quantum-resistant security for AI infrastructure.

CIAM vs IAM: Comparing Customer Identity and Identity Access Management

Understand the key differences between CIAM and IAM. Learn which identity management solution is right for your business for customer and employee access.

Infosecurity.US Wishes All A Happy Hanukkah!

United States of America’s NASA Astronaut Jessica Meir’s Hanukkah Wishes from the International Space Station: Happy Hanukkah to all those who celebrate it on Earth! (Originally Published in 2019) ...

How can Agentic AI enhance our cybersecurity measures

What Role Do Non-Human Identities Play in Securing Our Digital Ecosystems? As more organizations migrate to the cloud, the concept of securing Non-Human Identities (NHIs) is becoming increasingly crucial. NHIs, essentially machine identities, ...

What are the best practices for managing NHIs

What Challenges Do Organizations Face When Managing NHIs? Organizations often face unique challenges when managing Non-Human Identities (NHIs). A critical aspect that enterprises must navigate is the delicate balance between security and ...

How do I implement Agentic AI in financial services

Why Are Non-Human Identities Essential for Secure Cloud Environments? Organizations face a unique but critical challenge: securing non-human identities (NHIs) and their secrets within cloud environments. But why are NHIs increasingly pivotal for ...

What makes Non-Human Identities crucial for data security

Are You Overlooking the Security of Non-Human Identities in Your Cybersecurity Framework? Amid bustling technological advancements, the security focus often zooms in on human authentication and protection, leaving the non-human ...

NDSS 2025 – Secret Spilling Drive: Leaking User Behavior Through SSD Contention

Session 5D: Side Channels 1. Authors, Creators & Presenters: Jonas Juffinger (Graz University of Technology), Fabian Rauscher (Graz University of Technology), Giuseppe La Manna (Amazon), Daniel Gruss (Graz University of ...

2025: The Year Cybersecurity Crossed the AI Rubicon

How can we describe the past year in cybersecurity? No doubt, AI was front and center in so many conversations, and now there’s no going back. Here’s why.

LGPD (Brazil)

What is the LGPD (Brazil)? The Lei Geral de Proteção de Dados Pessoais (LGPD), or General Data Protection Law (Law No. 13.709/2018), is Brazil’s comprehensive data protection framework, inspired by the European Union’s GDPR. It regulates ...

Week in review: 40 open-source tools securing the stack, invisible IT to be the next workplace priority

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

40 open-source tools redefining how security teams secure the stack: Open source security software has become a key way for teams to get ...