Centraleyes

APRIL 22, 2024

The Federal Information Security Modernization Act (FISMA) establishes a comprehensive strategy for enhancing the cybersecurity posture of federal agencies. Department of Commerce responsible for developing and promoting standards and guidelines to enhance the security and interoperability of information systems.

Risk 52

Risk Information Security Encryption Cybersecurity 52

Security Boulevard

AUGUST 21, 2023

In the fast-paced world of modern development that is driven by the constant need for innovation and rapid delivery, security teams are facing an increasing challenge in ensuring secure application delivery.

Software 96

Software Risk 96

Security Boulevard

APRIL 8, 2021

Applications are no longer standalone monoliths, they now rely on thousands of independent building blocks: cloud infrastructure, databases, SaaS components such as Stripe, Slack and HubSpot, just to name a few. Secrets are the glue that connects these different application building blocks by making a secure connection.

Software 139

Software Cybersecurity 139

Security Affairs

FEBRUARY 14, 2024

Adobe Patch Tuesday security updates for February 2024 addressed more than 30 vulnerabilities in multiple products, including critical issues. Adobe Patch Tuesday security updates released by Adobe addressed over 30 vulnerabilities across various products, including critical issues. ” reads the advisory.

Software 126

Software Authentication Ransomware 126

Security Boulevard

JULY 19, 2023

We are proud to share that our Unified API Protection platform has been honored as a gold winner in the 18th Annual 2023 Globee® Awards for Information Technology in Application Programming Interfaces (API) Management, Full Life Cycle API Management, and IT Solutions for Retail categories.

Retail 98

Retail Technology 98

Security Affairs

JANUARY 27, 2021

That’s one reason we added this new category and teamed up with Zoom to have them in the contest. A successful demonstration of an exploit in either of these products will earn the contestant $200,000 – quite the payout for a new category.” If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Hacking 118

Hacking Information Security Malware 118

Security Boulevard

JANUARY 19, 2022

A closer look at the newest Cloud Security category as defined by Gartner: Cloud Native Application Protection Platform (CNAPP). The post Cloud Native Application Protection Platform (CNAPP): An Evolving Approach to Cloud Security appeared first on Ermetic.

98

98

The Hacker News

FEBRUARY 8, 2021

While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the "Application Crowdtesting Services" category.

Software 144

Software 144

CSO Magazine

APRIL 27, 2023

With the recent publication of Gartner’s updated Magic Quadrant for Security Service Edge , we have been asked by several CXOs about this fast-growing solution category and how it relates to zero trust. Once deployed, zero trust technology provides secure access to public or private destinations for users, things, and workloads.

Architecture 108

Architecture Mobile Technology 108

CyberSecurity Insiders

OCTOBER 10, 2021

In September this year, the update happened as the nonprofit Open Web Application Security Project refreshed the content of the OWASP Top 10 2021 website. It is now regarded as the most serious web application security risk based on the data contributed to OWASP’s threat intelligence, which shows that 3.81

Cyber threats 117

Cyber threats Cyber Attacks Software Risk 117

Security Boulevard

DECEMBER 28, 2021

It’s been four years since OWASP updated its Top 10 list , but this year we got three brand new categories along with a reshuffling of the rest. With lists from years past, the specificity meant that they could be used (some would say misused) as a starting point for identifying vulnerabilities present in your application.

Software 112

Software Risk Authentication 112

Veracode Security

FEBRUARY 17, 2022

A SQL injection flaw allows for an attacker to modify or inject SQL syntax into the request to make the application behave in a manner that was not initially intended. Injection flaws were the number one flaw category under the OWASP 2017, and, currently, injection flaws hold the number three spot in the OWASP 2021.

Authentication 136

Authentication Information Security 136

CyberSecurity Insiders

MARCH 23, 2022

Includes security for business-critical applications to protect the digital heart of businesses. COPENHAGEN, Denmark & BOSTON, March 22, 2022 — Logpoint is now making its Converged SIEM, combining SIEM, SOAR, UEBA, and security for business-critical applications generally available.

Data privacy 136

Data privacy Threat Detection Cybersecurity Technology 136

Dark Reading

SEPTEMBER 15, 2021

The Open Web Application Security Project reshuffles its list of top threats, putting broken access controls and cryptographic failures at the top and creating three new risk categories.

Risk 98

Risk 98

Security Boulevard

JUNE 11, 2021

On May 17th, during the RSA conference, we were thrilled that ForAllSecure has won a Global InfoSec award in the Publisher’s Choice in Application Security category. Winning the award in the Publisher's Choice in Application Security validates our mission to make the world's software secure," said CEO David Brumley.

InfoSec 97

InfoSec Software 97

The Hacker News

JULY 1, 2022

Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its "complex multi-step attack flow" and an improved mechanism to evade security analysis.

Malware 88

Malware Mobile 88

Security Affairs

MAY 23, 2023

Google introduced Mobile VRP (vulnerability rewards program), a new bug bounty program for reporting vulnerabilities in its mobile applications. Google announced a new bug bounty program, named Mobile VRP (vulnerability rewards program), that covers its mobile applications. We are in the final!

Mobile 96

Mobile Hacking Accountability Cybersecurity 96

The Last Watchdog

AUGUST 4, 2023

With Black Hat USA 2023 ramping up in Las Vegas next week, cybersecurity startup Trustle is championing a new product category—Identity Threat Detection & Response ( ITDR )—which aims to enhance the capabilities of legacy IAM solutions. The big thing is managing entitlements across multiple SaaS applications,” Berenbaum told me.

Threat Detection 181

Threat Detection CISO Internet Internet 181

The Hacker News

OCTOBER 14, 2021

Cloud security is the umbrella that holds within it: IaaS, PaaS and SaaS. Gartner created the SaaS Security Posture Management (SSPM) category for solutions that continuously assess security risk and manage the SaaS applications’ security posture.

Risk 95

Risk 95

Schneier on Security

AUGUST 28, 2019

Yet that's not possible, because there is no longer any difference between those categories of devices. They affect national security. We are talking about consumer products and services such as messaging, smart phones, e-mail, and voice and data applications.". They're critical to national security as well as personal security.

Computers and Electronics 251

Computers and Electronics Encryption Internet Internet 251

Veracode Security

SEPTEMBER 19, 2023

Developing and maintaining secure code at scale is hard. Having the right Static Application Security Testing (SAST) solution makes it easier, but how are practitioners to choose? Veracode earns the top scores across the Current Offering, Strategy, and Market Presence (tied) categories.

Marketing 52

Marketing 52

The Last Watchdog

JANUARY 31, 2024

Ghosemajumder “Generative AI cybercrime poses the greatest security challenge of our time,” said Shuman Ghosemajumder, co-founder & CEO of Reken. While billions have been spent on security products, the impact of cybercrime has actually been getting worse. For more information, please visit [link].

Artificial Intelligence 100

Artificial Intelligence Education Cybercrime Social Engineering 100

Security Boulevard

JULY 20, 2021

Anitian cited as a Sample Vendor in the Continuous Compliance Automation (CCA) category, as DevOps and DevSecOps adoption grows. The post Anitian Named a Vendor in Gartner Hype Cycle for Agile and DevOps appeared first on Security Boulevard.

111

111

Cisco Security

SEPTEMBER 23, 2021

As part of our strategy to enhance application awareness for SecOps practitioners, our new Secure Firewall Application Detectors portal, [link] , provides the latest and most comprehensive application risk information available in the cybersecurity space. Analyzing and report on application usage.

Firewall 112

Firewall Risk Media Engineering 112

Heimadal Security

MARCH 25, 2022

Free Open-Source Software (FOSS) is a software category that incorporates computer programs that are freely licensed and open-source. This article will focus on the major differences between FOSS and OSS (Open-Source Software), applicability, and the various security vulnerabilities associated with this type of […].

Software 83

Software Education 83

The Last Watchdog

JUNE 2, 2022

Related: Managed security services catch on. From Office 365 to Zoom to Salesforce.com, cloud-hosted software applications have come to make up the nerve center of daily business activity. Here are the key takeaways: Shrugging off security. Here are the key takeaways: Shrugging off security.

Cloud Migration 201

Cloud Migration CISO Technology Security Awareness 201

CSO Magazine

SEPTEMBER 13, 2022

Security Service Edge (SSE) is a relatively new category. To read this article in full, please click here

Architecture 65

Architecture Ransomware 65

CyberSecurity Insiders

JANUARY 18, 2023

It does it in a detailed fashion by giving a text explanation on security and privacy practices employed by the mobile apps. Furthermore, BeVigil can also prove as a resourceful tool to identify security risks and existing bugs on an application.

Engineering 132

Engineering Artificial Intelligence Mobile Internet 132

Thales Cloud Protection & Licensing

FEBRUARY 22, 2022

A holistic, cloud-based cybersecurity solution helps organizations quickly and easily increase their security posture, and comprehensively address the key areas of vulnerability by providing effective data classification, protection and access strategies to secure even the most sensitive data in a multi cloud or hybrid environment.

Cybersecurity 71

Cybersecurity Encryption Authentication Data breaches 71

eSecurity Planet

JULY 5, 2023

A pentest framework, or penetration testing framework, is a standardized set of guidelines and suggested tools for structuring and conducting effective pentests across different networks and security environments. Reporting results: The pentest framework is used to frame results based on tools used, tactic category performance, and more.

Penetration Testing 84

Penetration Testing Cybersecurity Social Engineering Hacking 84

InfoWorld on Security

SEPTEMBER 28, 2021

But the cloud turned security on its head, creating entire new categories of risks and challenges that are straining security teams beyond their capacity. Security has become the primary rate-limiting factor for how fast teams can go in the cloud and how agile and efficient organizations can become.

Engineering 122

Engineering Risk 122

Security Boulevard

JUNE 15, 2021

—June 15, 2021—ManagedMethods, the leading Google Workspace and Microsoft 365 cybersecurity, student safety, and compliance platform for K-12 school districts, today announced it has won the 2021 Fortress Cyber Security Award in the Application Security category.

Cybersecurity 90

Cybersecurity 90

Daniel Miessler

MAY 19, 2021

A definitions reminder: Incident : A security event that compromises the integrity, confidentiality or availability of an information asset. Top three patterns in breaches were: social engineering, basic web application attacks, and system intrusion. Content extraction. My Definitions of Event, Alert, and Incident.

Data breaches 192

Data breaches Social Engineering Ransomware Phishing 192

Security Affairs

MAY 27, 2022

can target an increasing number of applications, passing from 378 to 467 target applications to steal account credentials and crypto-wallets. ERMAC first determines what applications are installed on the host device and then sends the information to the C2 server. RECORD_AUDIO Allows an application to record audio??

Banking 141

Banking Malware Cybercrime Phishing 141

Security Boulevard

APRIL 17, 2023

Imperva is a leader in every category – Market, Innovation, and Product Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, is an Overall Leader in the 2023 KuppingerCole Leadership Compass for Data Security Platforms.

Marketing 52

Marketing Cybersecurity 52

Security Affairs

MARCH 23, 2023

#Pwn2Own pic.twitter.com/UTvzqxmi8E — Zero Day Initiative (@thezdi) March 22, 2023 The first hack of the day was performed by the AbdulAziz Hariri ( @abdhariri ) of Haboob SA ( @HaboobSa ), who demonstrated a zero-day attack against Adobe Reader in the Enterprise Applications category. Master of Pwn points. Master of Pwn points.

Hacking 98

Hacking Information Security 98

Security Boulevard

JUNE 6, 2022

Anitian named top cybersecurity company in an astounding nine categories, including Hot Company Security Company of the Year, Most Comprehensive Compliance, and Hot Company Enterprise Security. The post Anitian Wins Nine Global InfoSec Awards at RSA Conference 2022 appeared first on Security Boulevard.

InfoSec 61

InfoSec Cybersecurity 61