Help Net Security

Amazon Inspector allows search of its vulnerability intelligence database
Amazon Inspector is designed to manage vulnerabilities by continuously scanning your AWS workloads for software vulnerabilities and unintended network exposure across your …

Top API vulnerabilities organizations can’t afford to ignore
75% of organizations typically change or update their APIs on a daily or weekly basis, creating a significant challenge for protecting the changing API attack surface, …

Unpaid open source maintainers struggle with increased security demands
Ensuring the security of the open-source software that modern organizations depend on is a crucial responsibility of the open source maintainers, especially as attacks on the …

5 API security best practices you must implement
As outside economic pressures continue to shape how organizations think and allocate resources, data security continues to be a high priority. Due to their dependence on data …

Tython: Open-source Security as Code framework and SDK
Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must …

Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope. On average, five out …

Security in the cloud with more automation
Hopefully, you’ve been working with the Center for Internet Security (CIS) on securing your cloud infrastructure for a while now. Initially, you might have used our CIS …

The warning signs for security analyst burnout and ways to prevent
Security analysts face the demanding task of investigating and resolving increasing volumes of alerts daily, while adapting to an ever-changing threat landscape and keeping up …

The costly threat that many businesses fail to address
Insider attacks such as fraud, sabotage, and data theft plague 71% of U.S. businesses, according to Capterra. These schemes can cost companies hundreds of thousands of dollars …

Data-driven insights help prevent decisions based on fear
Organizations have strengthened security measures and become more resilient, but threat actors are still finding ways through, according to BakerHostetler. “We launched the …

Using just-in-time access to reduce cloud security risk
Excessive privileges are a continuing headache for security professionals. As more organizations migrate assets to the cloud, users with excessive permissions can expand the …

Cybercriminals use proxies to legitimize fraudulent requests
Bot attacks were previously seen as relatively inconsequential type of online fraud, and that mentality has persisted even as threat actors have gained the ability to cause …