DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
Microsoft addressed vulnerabilities in a dozen of its software products in its Patch Tuesday update for May. And while none of the flaws are currently being exploited, several of the most critical flaws require immediate attention, the company says.
In today's perimeter-free organization, security professionals need a holistic view of all their web, mobile or API-based applications. However, about a third have so many public-facing apps that they've lost count.
These are among the results of The State of Application Security survey sponsored by...
If you are part of an organization that has lost visibility into your pubic facing applications, you are not alone.
In just released research, at least 33% of the respondents said they have too many applications to count. There's a 50% chance you work at an organization that is understaffed in security. You're...
Despite the need to battle COVID-19, several nations' in-development digital contact-tracing apps are already dogged by security and privacy concerns. Whether enough users will ever trust these apps to make them effective remains a major question. Is it too late to get more projects back on track?
Google and Apple on Monday released privacy and security guidelines for their jointly developed contact-tracing infrastructure. The companies note that apps developed using their APIs can only be developed by or for public health authorities - and solely to collect information to trace COVID-19 infections.
Done right, a zero trust architecture can reduce the complexity of one's environment while also improving cybersecurity protection and efficiency. Bob Reny of ForeScout focuses on three critical considerations: visibility, compliance and control.
Technology is no panacea, including for combating COVID-19. While that might sound obvious, it's worth repeating because some governments continue to hype contact-tracing apps. Such apps won't magically identify every potential exposure. But they could make manual contact-tracing programs more effective.
APIs ubiquitous in the enterprise today, being exposed to customers, partners and applications. But because they are relied on so heavily, they also are targeted by cybercriminals.
There are more attacks over APIs than on traditional web channels primarily because it's simply easier to attack these...
As Google and Apple prepare to offer a jointly developed infrastructure for contact-tracing smartphone apps to help fight the COVID-19 pandemic, the Electronic Frontier Foundation, a privacy advocacy group, is raising concerns about the risks involved.
As the use of business-critical, cloud-based applications and tools continues to
increase, distributed organizations with multiple remote offices are switching
from performance-inhibited wide-area networks (WANs) to software-defined WAN
(SD-WAN) architectures. SD-WAN offers faster connectivity, cost savings,...
Over the past five years, a sophisticated spyware campaign has been targeting Android users through Trojan-laced apps in the Google Play store that are disguised as various plugins, browser cleaners and application updaters, according to Kaspersky researchers.
Less than 24 hours after the Australian government released its COVID-19 contact-tracing app Sunday, nearly 2 million people had downloaded it. As security and privacy experts review the app, one outstanding question is if the public will trust it enough to reach the public health target of 10 million users.
The process of onboarding vendors has become complicated because of concerns about cybersecurity. To prevent data breaches caused by a third party vendor, security professionals demand that vendors demonstrate and maintain a strong cyber posture.
Effectively checking vendors' cyber posture can be extremely...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.