Application Security News and Articles


UNC6395 and the Salesloft Drift Attack: Why Salesforce OAuth Integrations are a Growing Risk

A recent UNC6395 Salesloft Drift breach reveals Salesforce SaaS risks. Learn how to simplify breach detection, prevention, and visibility.

Broadcom Extends Reach and Scope of Cybersecurity Portfolio

Broadcom today added a slew of cybersecurity updates, including a technology preview of an update to VMware vDefend that secures communications between artificial intelligence (AI) agents, promising to improve overall resiliency and automate ...

TDL003 | Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen

Summary: This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet ...

Staying Ahead with Advanced NHI Detection?

Why is Advanced NHI Detection the Game Changer in Cybersecurity? Have you ever considered how Non-Human Identities (NHIs) impact your organization’s cybersecurity strategy? Protecting your business extends far beyond securing your employees’ ...

Is Your Secrets Vault Truly Impenetrable?

Unlocking the Real Value of Secrets Vault Security How much credence does your organization assign to secrets vault security? If you are operating in the cloud, the bulletproof protection of Non-Human Identities (NHIs) and their associated ...

BSidesSF 2025: State Of (Absolute) AppSec

Creator, Author and Presenter: Seth Law, Ariel Shin, Lakshmi Sudheer, Ken Johnson Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. ...

Zero Trust Security Is a Mindset, Not a Technology

Zero Trust security isn’t something you buy. It’s something you do. Or more accurately, it’s something you commit to doing every day, across every part of your network. If that...

What is Security Automation? Why Your Business Can’t Afford to Ignore It

The post What is Security Automation? Why Your Business Can’t Afford to Ignore It appeared first on AI Security Automation. The post What is Security Automation? Why Your Business Can’t Afford to Ignore It appeared first on Security Boulevard.

Microsoft’s New AI Risk Assessment Framework – A Step Forward

Microsoft recently introduced a new framework designed to assess the security of AI models. It’s always encouraging to see developers weaving cybersecurity considerations into the design and deployment of emerging, disruptive technologies. ...

CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild

Citrix has released patches to address a zero-day remote code execution vulnerability in NetScaler ADC and NetScaler Gateway that has been exploited. Organizations are urged to patch immediately. Background: On August 26, Citrix published a ...

Zero Trust Microsegmentation with ColorTokens’ Progressive Segmentation for IT and OT Convergence in Industry 4.0

The convergence of Information Technology (IT) and Operational Technology (OT) in Industry 4.0 (allows for smart manufacturing and the creation of intelligent factories) environments, such as manufacturing, energy, and critical infrastructure, ...

Farmers Group Loses 1.111M PII Rows: It’s Salesforce Again

ShinyHunters Hunt Again: Scattered Spider claims another Salesforce instance—albeit three months ago. The post Farmers Group Loses 1.111M PII Rows: It’s Salesforce Again appeared first on Security Boulevard.

BSidesSF 2025: WHOIS Your Daddy: Tracking Iranian-Backed Cyber Operations With Passive DNS

Creator, Author and Presenter: Austin Northcutt Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s ...

Beyond the Prompt: Building Trustworthy Agent Systems

Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight. The post Beyond the Prompt: Building Trustworthy Agent Systems appeared first on SecurityWeek.

When Connecting Your Security Data: Simplicity is Key

In this blog, you’ll learn how to add a source, route data to your destinations, and apply AI-recommended filtering rules in clicks, giving your team faster visibility and measurable cost savings.

Why Enterprises are Betting on Agile PODs to Build Their Next Billion-Dollar Product

Every enterprise claims they want to build the “next Tesla” or “next Amazon.” But here’s the uncomfortable truth: most of them are still running product...

SpyCloud Consumer IDLink unifies fragmented identity exposures

SpyCloud released the Consumer IDLink solution, designed to help financial institutions and other consumer-facing organizations reduce risk and prevent fraud stemming from consumer identity exposures. Consumer IDLink, delivered via API, uses ...

Cloud and IoT Security Platform

In today’s digital landscape, hybrid cloud security and IoT/OT cybersecurity are mission-critical. Gartner predicts that 90% of organizations will adopt a hybrid cloud approach by 2027, and industry reports show that roughly one in three data ...

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on ...

The Foundation Is Cracking: Why Hardware Security Can’t Be an Afterthought Anymore

I was scrolling through my security feeds this morning when I came across news that MITRE has finally updated their Most Important Hardware Weaknesses List. While this should have been cause for celebration, I found myself feeling more frustrated ...