Application Security News and Articles


5 Security Benefits of Application Mapping

Application mapping can have many advantages for organizations managing complex IT infrastructure, not the least of which is security. The post 5 Security Benefits of Application Mapping appeared first on Security Boulevard.

Data Theorem releases API Attack Path Visualization for enhanced API and Software supply chain security

Data Theorem has introduced the API Attack Path Visualization capabilities for the protection of APIs and the software supply chain. This latest enhancement of its API Secure solution empowers organizations with a comprehensive understanding of ...

Atlassian fixes four critical RCE vulnerabilities, patch quickly!

Atlassian has released security updates for four critical vulnerabilities (CVE-2023-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523) in its various offerings that could be exploited to execute arbitrary code. About the vulnerabilities ...

CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)

Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared. About the ...

Living Security Unify Go improves human risk management

Living Security announced Unify Go, a free tool for Living Security training customers that surfaces security vulnerabilities across the workforce by aggregating and correlating employee behavior across security training, phishing, and email ...

BlueSky: Understanding and Combating the Ransomware Threat

Threat Overview – BlueSky: In the ever-evolving landscape of cyber threats, a new player has emerged with alarming efficiency: the BlueSky Ransomware variant. First spotted in June 2022, this malicious software has been targeting public-facing ...

Cybersecurity Maturity Assessment and Measurement Guide

Learn how to enhance your cybersecurity posture with our step-by-step maturity assessment and measurement guide. The post Cybersecurity Maturity Assessment and Measurement Guide appeared first on Security Boulevard.

Atsign releases SSH No Ports 4.0 with Windows support and SDK

Atsign has unveiled the release of SSH No Ports 4.0. SSH No Ports is a system administration tool used to access remote systems (gateways, industrial PCs, and many other devices) via SSH from anywhere, without the need for network configuration, ...

Survey Surfaces Wasted Efforts Collecting Cybersecurity Data

Security teams are wasting time and resources normalizing data to store and analyze it in a separate platform instead of relying on the same data IT teams use to manage operations. The post Survey Surfaces Wasted Efforts Collecting Cybersecurity ...

Understanding Each Link of the Cyberattack Impact Chain

A cyberattack’s impact chain starts with the initial breach and frequently has no clear endpoint. But it's important to understand every 'link' to mitigate the damage. The post Understanding Each Link of the Cyberattack Impact Chain appeared ...

Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM

With the rapidly evolving threat landscape and complexity of interconnected applications, identifying real, business-critical application risks is more challenging than ever. Application security teams need a better solution than their current ...

How Votiro Protects Microsoft O365 from File-borne Threats

Microsoft Office 365 (O365) continues to be a key platform where businesses and individuals connect, create, and communicate with one another, continuously evolving to take full advantage of the cloud and its ability to bring ideas and assets ...

Understanding VAPT: A Simple Guide to Vulnerability Assessment and Penetration Testing

What is VAPT? Vulnerability Assessment and Penetration Testing (VAPT) is a two-step security testing methodology. The first step is Vulnerability Assessment, in which our team identifies all vulnerabilities in an application or network. However, ...

Publishing Trail of Bits’ CodeQL queries

By Paweł Płatek. We are publishing a set of custom CodeQL queries for Go and C. We have used them to find critical issues that the standard CodeQL queries would have missed. This new release of a continuously updated repository of CodeQL queries ...

Lenovo and Microsoft join forces to simplify security deployments

Lenovo and Microsoft are working together to help organizations operate more securely across their devices, users, apps, data, networks, and cloud services through a subscription-based Cyber Resiliency as a Service (CRaaS) offering. The offering ...

Microsoft will offer extended security updates for Windows 10

Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be able to receive Extended Security Updates (ESU), but will have to pay for ...

Searchlight Cyber launches Exposure Data view in DarkIQ

Searchlight Cyber has launched a new Exposure Data view in DarkIQ, collating 450+ billion dark web data points from data breaches and malware infection to help organizations spot threats related to their business long before they trigger ...

Top Characteristics of a QR Code Phishing Email

By Max Gannon. QR codes in the phishing threat landscape are a major topic of interest and worth paying particularly close attention to, despite how insignificant they were earlier this year. QR codes change the attack vector and enable threat ...

Cisco AI Assistant for Security helps customers automate complex tasks

Cisco unveiled the Cisco AI Assistant for Security. This marks a major step in making AI pervasive in the Security Cloud, Cisco’s unified, AI-driven, cross-domain security platform. The AI Assistant will help customers make informed ...

How Cyber Risk Management Tools Have Evolved

In the ever-expanding digital landscape, businesses continually embrace many technologies to stay competitive and agile. However, this rapid adoption often leads to a complex web of disparate tools, giving rise to what is known as technology ...