U.S. government agencies are supposed to have patched the "Zerologon" vulnerability by now, about six weeks after Microsoft issued a patch. But CISA warns that too many agencies' systems remain unpatched.
The U.S. Commerce Department is banning the downloading and hosting of China-based social media apps TikTok and WeChat effective on Sunday, citing national security concerns. The announcement comes as Oracle continues to negotiate a deal for partnering on TikTok's U.S. operations.
In the year of accelerated digital transformation, software development is undergoing transition - and so is application security testing. Matt Rose of Checkmarx offers tips to ensure you get the most out of automating your AST solutions.
Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert. He describes steps organizations must take to be able to receive - and act on - bug reports.
While breaches will inevitably lead to "blaming and shaming," smart security professionals want to ensure that they are following security best practices to protect customer data and trade secrets. A good benchmark for this is to enforce "reasonable" security measures.
Download this whitepaper to:
Learn about the...
To insulate themselves against catastrophic data breaches, companies are moving toward modernizing their tech stacks through the refactoring and consolidation of legacy software components.
On top of bolstering data security, modernization also increases agility, shortens app development cycles, and reduces...
In the three years since Equifax suffered a massive data breach, the consumer credit reporting firm says it has worked tirelessly to overhaul the security shortcomings that allowed the breach to happen. Equifax CISO Jamil Farshchi and other security experts weigh in on important lessons learned.
The U.S. Cybersecurity and Infrastructure Security Agency is ordering most executive branch agencies and departments to create vulnerability disclosure programs by March 2021. Some agencies, such as the Pentagon, already have robust programs in place.
What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis.
Pike13, a tech company that delivers cloud-based client management software, gives gyms and yoga studios a simple interface to handle daily administrative tasks. The all-in-one platform enables fitness providers to manage staff and clients, including payroll, scheduling and communications.
Pike13 is one of the...
Organizations are increasingly turning to containers and Kubernetes to improve the efficiency and scalability of software development efforts. Containers introduce new security issues, highlighting the need for container specific security tools.
Download this whitepaper to learn why organizations must balance the...
Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.
This ESG Technical Review documents ESG's evaluation and analysis of how HCL AppScan can help developers continuously secure applications using policies defined by security specialists. It also evaluates how AppScan can easily be integrated into CI/CD pipelines and support other aspects of DevSecOps initiatives to...
In application security testing, Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) are prominent techniques. However, Interactive Application Security Testing (IAST) is a promising new entrant in AST, helping to dramatically reduce false positives. This white paper provides a...
Gartner has recognized Splunk as a Visionary in the Magic Quadrant for Application Performance Monitoring (APM). We believe this first-time placement in the research reflects the market-leading APM capabilities from Splunk, the Data-to-Everything Platform, including Splunk Enterprise, and Splunk IT Service...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
