Application Security

Employees worry less about cybersecurity best practices in the summer

API security, Application Security, BYOD, cybersecurity, News, remote working, report, survey, ThreatX /

Employees worry less about cybersecurity best practices in the summer 30/06/2023 at 04:17 By Help Net Security IT teams are struggling to monitor and enforce BYOD (Bring Your Own Device) policies during summer months when more employees are often traveling or working remotely, according to ThreatX. With more endpoints and applications in use, and often […]

React to this headline:

Loading spinner

Employees worry less about cybersecurity best practices in the summer Read More »

Nokod Snags $8M to Secure Low Code/No-Code Custom Apps

Application Security, appsec, Compliance, Funding/M&A, low-code/no-code, Nokod /

Nokod Snags $8M to Secure Low Code/No-Code Custom Apps 29/06/2023 at 16:47 By Ryan Naraine Tel Aviv startup scores investment to build technology to secure in-house low-code/no-code custom applications. The post Nokod Snags $8M to Secure Low Code/No-Code Custom Apps appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Nokod Snags $8M to Secure Low Code/No-Code Custom Apps Read More »

CISA, NSA Share Guidance on Securing CI/CD Environments

Application Security, Security Architecture /

CISA, NSA Share Guidance on Securing CI/CD Environments 29/06/2023 at 15:17 By Ionut Arghire New guidance from CISA and the NSA provides recommendations on securing CI/CD pipelines against malicious attacks. The post CISA, NSA Share Guidance on Securing CI/CD Environments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

CISA, NSA Share Guidance on Securing CI/CD Environments Read More »

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites

Application Security, CVE-2023-2834, CVE-2023-2986, CVSS 9.8, Vulnerabilities, WooCommerce, WordPress /

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites 21/06/2023 at 19:14 By Ionut Arghire Two critical-severity authentication bypass vulnerabilities in WordPress plugins with tens of thousands of installations. The post Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites Read More »

The limitations of shifting left in application security

Application Security, Bionic, Don't miss, Hot stuff, microservices, strategy, tips, Video /

The limitations of shifting left in application security 21/06/2023 at 07:40 By Help Net Security In this Help Net Security video, Jacob Garrison, Security Research for Bionic, explains the limitations of shifting left in application security. Key factors hindering the effectiveness of shifting left: Achieving 50%+ application test coverage is unrealistic, especially in microservices environments

React to this headline:

Loading spinner

The limitations of shifting left in application security Read More »

Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits

Application Security, Zero-Day /

Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits 15/06/2023 at 18:28 By Eduard Kovacs Fake security researcher accounts seen distributing malware disguised as Chrome, Signal, WhatsApp, Discord and Exchange zero-day exploits. The post Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits Read More »

Patch Tuesday: Critical Flaws in Adobe Commerce Software

Application Security, Vulnerabilities /

Patch Tuesday: Critical Flaws in Adobe Commerce Software 13/06/2023 at 19:21 By Ryan Naraine Adobe ships urgent fixes for at least a dozen flaws that expose Adobe Commerce users to code execution attacks. The post Patch Tuesday: Critical Flaws in Adobe Commerce Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Patch Tuesday: Critical Flaws in Adobe Commerce Software Read More »

US Government Provides Guidance on Software Security Guarantee Requirements

Application Security, Government, Government Policy /

US Government Provides Guidance on Software Security Guarantee Requirements 12/06/2023 at 16:22 By Ionut Arghire OMB has published new guidance on federal agencies obtaining security guarantees from software vendors. The post US Government Provides Guidance on Software Security Guarantee Requirements appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

US Government Provides Guidance on Software Security Guarantee Requirements Read More »

In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption

AI, Application Security, Government, Government Policy, Quantum cryptography /

In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption 09/06/2023 at 19:30 By Eduard Kovacs Cybersecurity news that you may have missed this week: AI regulation, layoffs, US aerospace malware attacks, and post-quantum encryption. The post In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption Read More »

Top factors driving enterprise demand for new cybersecurity technology

Application Security, CCgroup, cybersecurity, Endpoint Security, News, report /

Top factors driving enterprise demand for new cybersecurity technology 08/06/2023 at 06:31 By Help Net Security Despite prevailing economic headwinds, the market for cybersecurity products and services remains buoyant, according to CCgroup. The study found that 78% of enterprises in the U.S. and 58% in the UK have increased cybersecurity investment in the last year,

React to this headline:

Loading spinner

Top factors driving enterprise demand for new cybersecurity technology Read More »

VMware Plugs Critical Flaws in Network Monitoring Product

Application Security, CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, VMWare, Vulnerabilities /

VMware Plugs Critical Flaws in Network Monitoring Product 07/06/2023 at 19:02 By Ryan Naraine VMware ships urgent patches to cover security defects that expose businesses to remote code execution attacks. The post VMware Plugs Critical Flaws in Network Monitoring Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

VMware Plugs Critical Flaws in Network Monitoring Product Read More »

OWASP’s 2023 API Security Top 10 Refines View of API Risks

API, Application Security, OWASP /

OWASP’s 2023 API Security Top 10 Refines View of API Risks 07/06/2023 at 15:49 By Kevin Townsend OWASP’s ranking for the major API security risks in 2023 has been published. The list includes many parallels with the 2019 list, some reorganizations/redefinitions, and some new concepts. The post OWASP’s 2023 API Security Top 10 Refines View

React to this headline:

Loading spinner

OWASP’s 2023 API Security Top 10 Refines View of API Risks Read More »

Public sector apps show higher rates of security flaws

Application Security, cybersecurity, News, Ransomware, Veracode /

Public sector apps show higher rates of security flaws 07/06/2023 at 07:09 By Help Net Security Applications developed by public sector organizations tend to have more security flaws than applications created by the private sector, according to Veracode. The findings are notable because increased numbers of flaws and vulnerabilities in applications correlate with increased levels

React to this headline:

Loading spinner

Public sector apps show higher rates of security flaws Read More »

Current SaaS security strategies don’t go far enough

Adaptive Shield, Application Security, data breach, Malware, News, Ransomware, report, SaaS /

Current SaaS security strategies don’t go far enough 07/06/2023 at 06:04 By Help Net Security Many recent breaches and data leaks have been tied back to SaaS apps, according to Adaptive Shield. “We wanted to gain a deeper understanding of the incidents within SaaS applications and how organizations are building their threat prevention and detection

React to this headline:

Loading spinner

Current SaaS security strategies don’t go far enough Read More »

Microsoft, GitHub announce application security testing tools for Azure DevOps

Application Security, Azure, DevOps, Don't miss, GitHub, News, scanning, software development /

Microsoft, GitHub announce application security testing tools for Azure DevOps 24/05/2023 at 14:34 By Zeljka Zorz GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services. Enabling GitHub Advanced Security for Azure DevOps (Source: Microsoft) What is GitHub Advanced Security for Azure DevOps? GitHub

React to this headline:

Loading spinner

Microsoft, GitHub announce application security testing tools for Azure DevOps Read More »

Red Hat Pushes New Tools to Secure Software Supply Chain

Application Security, open source, Red Hat, Supply Chain Security /

Red Hat Pushes New Tools to Secure Software Supply Chain 23/05/2023 at 17:49 By Ryan Naraine Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain. The post Red Hat Pushes New Tools to Secure Software Supply Chain appeared first on

React to this headline:

Loading spinner

Red Hat Pushes New Tools to Secure Software Supply Chain Read More »

Google Launches Bug Bounty Program for Mobile Applications

Application Security, Mobile & Wireless /

Google Launches Bug Bounty Program for Mobile Applications 23/05/2023 at 17:49 By Ionut Arghire Google introduces Mobile VRP bug bounty program for vulnerabilities in its mobile applications. The post Google Launches Bug Bounty Program for Mobile Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Google Launches Bug Bounty Program for Mobile Applications Read More »

Cloudflare Unveils New Secrets Management Solution

Application Security, Cloudflare /

Cloudflare Unveils New Secrets Management Solution 19/05/2023 at 13:05 By Ionut Arghire Cloudflare introduces Secrets Store, a new solution to help developers and organizations securely store and manage secrets. The post Cloudflare Unveils New Secrets Management Solution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Cloudflare Unveils New Secrets Management Solution Read More »

Inadequate tools leave AppSec fighting an uphill battle for cloud security

Application Security, Backslash Security, cloud security, cybersecurity, News, report, vulnerability management /

Inadequate tools leave AppSec fighting an uphill battle for cloud security 19/05/2023 at 06:32 By Help Net Security AppSec teams are stuck in a catch-up cycle, unable to keep up with the increasingly rapid, agile dev pace, and playing security defense via an endless and unproductive vulnerability chase, according to Backslash Security. Costly ‘defensive tax’

React to this headline:

Loading spinner

Inadequate tools leave AppSec fighting an uphill battle for cloud security Read More »

New SBOM Hub Helps All Stakeholders in Software Distribution Chain

Application Security, SBOM /

New SBOM Hub Helps All Stakeholders in Software Distribution Chain 18/05/2023 at 17:46 By Ionut Arghire Lineaje introduces SBOM360 Hub, an exchange allowing software producers, sellers, and consumers to publish, share and use SBOMs and related compliance artifacts. The post New SBOM Hub Helps All Stakeholders in Software Distribution Chain appeared first on SecurityWeek. This

React to this headline:

Loading spinner

New SBOM Hub Helps All Stakeholders in Software Distribution Chain Read More »

Scroll to Top