Application Security News and Articles
Open source components are the building blocks of modern applications. But what happens when these very components are weaponized, silently infiltrating your software supply chain?
The post Unmasking the invisible threat: Ilkka Turunen’s ...
Authors/Presenters: Sajy Khashab, Alon Rashelbach, Mark Silberstein, Technion
Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI ...
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjunction with a zero-day bug the company accidentally fixed in September. The fixed zero-days “We are aware of a ...
OpenBSD is a free, multi-platform 4.4BSD-based UNIX-like operating system. The 57th release, OpenBSD 7.6, comes with new features, various improvements, bug fixes, and tweaks. Security improvements Added -fret-clean option to the compiler, ...
At Seceon’s 2024 Innovation and Certification Days, one of our most dynamic partners, German Moreno, CEO of ZetTateK, shared an inspiring case study on how Seceon’s AI-driven cybersecurity solutions transformed a complex security challenge ...
In this episode, Edwin Shuttleworth from Finite State discusses firmware security, insights from the GRRCON Security Conference, and the challenges of firmware analysis. The conversation covers various topics, including firmware scraping ...
via the comic humor & dry wit of Randall Munroe, creator of XKCD
The post Randall Munroe’s XKCD ‘University Commas’ appeared first on Security Boulevard.
October is Cybersecurity Awareness Month. In conjunction with that, IBM has released an updated X-Force Threat report. This report was developed using threat intelligence from Cybersixgill, Red Hat Insights, and the IBM X-Force team and focuses ...
Authors/Presenters: Shawn Shuoshuo Chen, Keqiang He, Rui Wang, Srinivasan Seshan, Peter Steenkiste
Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and ...
The adoption of cloud computing has become a cornerstone of modern business operations today. However, this shift brings forth significant concerns about data protection and security. Cloud security assessment plays a crucial role in safeguarding ...
Dashlane launched Credential Risk Detection, a solution that continuously monitors and detects at-risk credential activity in real-time across the workforce, whether employees use a password manager or not. The web extension-based solution is the ...
Trend Micro revealed today it will extend an alliance with NVIDIA to include a Morpheus platform that harnesses graphical processor units (GPUs) to apply artificial intelligence (AI) to security operations.
The post Trend Micro Extends NVIDIA ...
This blog post showcases why fundamental code security is essential for an application despite all hardening measures applied in the underlying infrastructure.
The post Why Code Security Matters – Even in Hardened Environments appeared ...
Sophisticated cyberattackers have now expanded their focus beyond front-end applications.
The post What’s a Software Supply Chain Attack? Examples and Prevention appeared first on Security Boulevard.
Like any good tool, artificial intelligence (AI) boasts a variety of use cases—but just as many risks.
The post NIST AI Risk Management Framework Explained appeared first on Security Boulevard.
Data Theorem launched Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment. Code Secure uniquely integrates Static Application Security Testing (SAST), Software ...
DAST is an essential part of a nutritious application security diet—not just a once-a-quarter treat.
The post Don’t Treat DAST Like Dessert appeared first on Security Boulevard.
Natural disasters often bring out the best in people, with communities and organizations coming together to help those in need. Unfortunately, they also present opportunities for cybercriminals looking to exploit the chaos for financial gain. ...
OTAVA introduced the OTAVA S.E.C.U.R.E. Score to help businesses further improve their security posture. The S.E.C.U.R.E. Score is a dynamic metric that assesses vulnerabilities, and makes recommendations on how to close security gaps and ...
Previously in this space we’ve covered how Tidal Cyber Enterprise Edition and Breach & Attack Simulation (BAS) tools complement each other in a mature Threat-Informed Defense security program. We’re delighted to announce the General ...