The Linux Foundation and the Open Source Security Foundation have put forth a nearly $150 million investment plan, spread across two years, to strengthen open-source security in the U.S. The plan was announced at the Open Source Software Security Summit II in Washington, D.C., on Thursday.
According to a recent survey conducted by Noname Security, 41% of organizations experienced an API security incident in the last 12 months and 63% of the incidents involved a data breach or data loss. Filip Verloy, technical evangelist, EMEA at Noname Security, says that “tighter integration of API security...
In light of research saying 41% of organizations had an API security incident in the last year and 63% of the incidents involved a data breach or loss, Filip Verloy of Noname Security discusses how tighter integration of API security testing and other "shift left" strategies can mitigate breaches.
When it comes to vulnerabilities, what you don’t know can hurt you. Just because a system doesn’t have any known vulnerabilities, it does not mean it is secure. There are almost infinite possibilities for input into a product, and any one of them might lead to an undiscovered security flaw. In this guide, we...
Global research: Security leaders’ priorities for cloud integrity, the talent gap and the most urgent attack vectors.
Exacerbated by the pressures of the pandemic, the rise of dangerous avenues of attack and a crisis of staff burnout, security teams are dealing with a lot:
78% of security and IT leaders say...
FedRAMP compliance for a software as a service (SaaS) vendor is challenging at scale. The only way to force multiply your security effort is to use cloud native technology. Datadog in particular has some unique concerns with regard to securing customer data. Join this session to learn exactly how they maintain...
How do we reflect on the Log4j crisis and emerge with lessons learned to apply to the next big application security incident? Julian Azaret shares insights, including how ITOps and SecOps must collaborate in new ways to ensure better preparedness.
In this interview eBook with Information Security Media Group,...
You can see it in the headlines: Apps are a prominent vector for adversaries to get entry into organizations and access to the digital crown jewels.
Daniel Shugrue of Digital.ai tells why "shift left" means far more than just testing software for vulnerabilities.
In an interview with Information Security Media...
Jeff Williams, co-founder and CTO of Contrast Security, says people have a right to know if the products they use are secure. It's difficult to tell if software is secure, he says, so companies need incentives to build good security programs, improve their software and disclose any flaws they find.
Fresh from the Log4j mitigation sprint, enterprises now find themselves confronting cultural barriers between application development and security. Larry Maccherone of Contrast Security shares insight on how to tear down these walls and incentivize new behaviors.
In the midst of accelerated modernization, increased cybersecurity risks, and the new normal of hybrid work and learning environments, technology leaders in higher education have had to meet enormous challenges. As we enter the new year, what’s on their minds when it comes to issues of cybersecurity, hybrid...
Because healthcare IT environments are so complicated, it will become essential for all suppliers to provide and maintain a software bill of materials for their products to remain relevant, says Curt Miller of the Healthcare Supply Chain Association.
"Mainframe" and "modernization" are not often used in the same sentence. But Eric Odell and Paul Allard of BMC Software share a mainframe DevOps strategy that can result in cost savings, automation efficiencies and reduced risk of mainframe defects.