Application Security News and Articles


How much does Penetration Testing cost?

Introduction When it comes to strengthening your company’s cyber security, penetration testing is a crucial practice. But how much does Penetration Testing Cost exactly? The answer isn’t as straightforward as you might think, different types ...

SolarWinds SEC Complaint: Ensuring Boardroom Accountability With CRQ | Kovrr blog

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post SolarWinds SEC Complaint: Ensuring Boardroom Accountability With CRQ | Kovrr blog appeared first on Security Boulevard.

Ransomware Recovery: What do Firms Need to Know?

What should businesses keep in mind in order to develop an effective ransomware recovery plan? The post Ransomware Recovery: What do Firms Need to Know? appeared first on Security Boulevard.

Using the Principle of Least Privilege to Protect Your Data: Key Benefits and Implementation Tips

Excessive access rights increase the risk of cybersecurity incidents. Implementing the principle of least privilege (POPL) can help you significantly limit the attack surface and protect your organization from the financial and reputational ...

21 high-risk vulnerabilities in OT/IoT routers found

Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The “SIERRA:21 – Living on the Edge” report features research into Sierra Wireless AirLink cellular routers and some open-source ...

How to Foster a Culture of Cybersecurity Compliance

Cybersecurity compliance isn’t just a regulatory necessity; it’s a strategic business asset  As experienced CISOs, CTOs, and cybersecurity practitioners, understanding how to embed cybersecurity compliance into the fabric of an organization ...

Top 6 Security Challenges of SMEs (Small to Medium Enterprises)

Small to Medium Enterprises (SMEs) are vital for innovation and economic growth, and their role in larger supply chains makes them an attractive gateway for hackers. After all, you’re never too small to be a target for cyberattacks.   Over ...

New Ubuntu Security Fixes for Linux Kernel Vulnerabilities

Ubuntu has recently released security fixes for Ubuntu 22.04 LTS and Ubuntu 23.04, addressing several vulnerabilities found in the Linux kernel. Exploiting these vulnerabilities could lead to a denial of service (system crash) or potentially ...

Automating Tasks in CentOS 7 with Cron and Anacron

In the realm of Linux system management, task automation stands as a cornerstone, a trusted ally for administrators seeking to navigate the complex landscape of server maintenance. Within this intricate tapestry, CentOS 7 emerges as a stalwart ...

Kubernetes Security: Sensitive Secrets Exposed

Cybersecurity researchers are warning of Kubernetes security issues amid the exposure of configuration secrets. It has been deemed that such exposure could put organizations at risk of supply chain attacks.  Researchers believe that such attacks ...

Hello Authentication Vulnerabilities Discovered: Stay Safe

In the realm of cybersecurity, a recent study has brought to light a series of Hello Authentication vulnerabilities that could compromise the Windows Hello authentication on popular laptop models, including Dell Inspiron 15, Lenovo ThinkPad T14, ...

Three security data predictions for 2024

How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more? It’s difficult: Adversaries are adopting and using AI and even generative ...

5 open-source tools for pentesting Kubernetes you should check out

Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a critical part of the infrastructure for many organizations. However, with ...

Why zero-trust segmentation is critical for cloud resilience

Nearly all organizations rely on the cloud to store sensitive data and run critical systems. But for many, cloud security hasn’t kept up. 93% agree that zero-trust segmentation is essential to their cloud security strategy. In this Help Net ...

Businesses gain upper hand with GenAI integration

Firms that actively harness generative AI to enhance experiences, offerings, and productivity will realize outsized growth and will outpace their competition, according to Forrester. Between July and September 2023, the number of enterprises that ...

HYAS Insight Uncovers and Mitigates Russian-Based Cyberattack

Russian-Based Adversary Infrastructure AS200593 In this blog, we review a recent case study and detail how HYAS Insight, an advanced threat intelligence and investigation platform, was used to leverage WHOIS information and passive DNS data to ...

The Clorox Approach to the SEC’s New Cyber Rules

In less than a month, the SEC’s new cybersecurity mandates go into effect for all publicly-traded companies. As the December 15th “go live” date rapidly approaches, we are closely watching Read More The post The Clorox Approach to the ...

How to Improve Performance with Client-Side JavaScript Tag Optimizations

Over the last 6 months, DataDome has reduced the size of our client-side JavaScript tag by 53% and total blocking time by 91%, reducing its impact on our customers' websites. The post How to Improve Performance with Client-Side JavaScript Tag ...

Imperva Named an Overall Leader in the KuppingerCole Leadership Compass: API Security and Management Report

Imperva named an Overall Leader We’re thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report.  Our Leadership excels across the ...

The Absolute Necessity of Multi-Factor Authentication

In an increasingly digital age, the basic username-password combination is no longer sufficient to safeguard online accounts. Two words, one huge security difference: Multi-Factor Authentication (MFA). Multi-Factor Authentication is a […] The ...