Search results for: software


Armory CD Self-Hosted and Managed 2.28 aids DevOps to deploy software at any scale

Armory introduces its CD Self-Hosted and Managed 2.28 product release that supports Armory’s commitment to empowering development teams to deploy software at any scale. Armory’s CD Self-Hosted and Managed 2.28 product release encompasses new features, optimizations, and contributions from the Spinnaker community to ensure development teams can deploy code with even greater confidence than ever before. This release embodies Armory’s commitment to providing Spinnaker and addressing the complex use cases development teams encounter. This includes … More


Sparrow’s new solutions and features help users identify vulnerabilities in source code and web applications

At Black Hat USA 2022, Sparrow is announcing its newly upgraded Sparrow Cloud and open-source management solution, Sparrow SCA. Sparrow Cloud is a single platform for managing security and quality issues of both source code and web applications: running static and dynamic tests, checking test results, marking vulnerability status, and generating reports. Since its introduction in 2018 as a cloud-based static application security testing service, Sparrow Cloud has been evolving continuously. Sparrow Cloud added dynamic … More


Thoma Bravo to acquire Ping Identity for $2.8 billion

Ping Identity announced that it has entered into a definitive agreement to be acquired by Thoma Bravo, a software investment firm, for $28.50 per share in an all-cash transaction valued at an Enterprise Value of approximately $2.8 billion. The offer represents a premium of approximately 63% over Ping Identity’s closing share price on August 2, 2022, the last full trading day prior to the transaction announcement, and a premium of 52% over the volume weighted … More


Machine learning creates a new attack surface requiring specialized defenses

Machine learning (ML) inputs and outputs are becoming more widely available to customers thanks to organizations in almost every sector integrating artificial intelligence (AI) technology into their hardware and software products. Naturally, this has attracted the attention of malicious actors. In this interview for Help Net Security, Christopher Sestito, CEO of HiddenLayer, talks about machine learning security considerations, and the related threats organizations should be worried about. Enterprises are slowly realizing the avenues machine learning … More


How to minimize your exposure to supply chain attacks

Supply chain attacks are on the rise, and many organizations seem unsure on how to respond to the threat, but I’m here to tell you that there are several steps you can take to minimize your risk of being involved in a supply chain breach. These are the top five areas to consider: Carry out a full IT review of your tech stack You can’t protect what you can’t see. To minimize any unknowns, start … More


Query.AI names Matt Eberhart as CEO

Query.AI announced it has named cybersecurity industry veteran Matt Eberhart as chief executive officer (CEO). Eberhart replaces founder and former CEO Dhiraj Sharan, who is taking on the newly created role of chief scientist and continuing to serve on the company’s board of directors. Eberhart joins Query.AI from FireMon where, as chief operating officer, he led initiatives that significantly accelerated subscription revenue growth. “It has been the gift of a lifetime to start and grow … More


“ParseThru” vulnerability allows unauthorized access to cloud-native applications

A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native applications, Oxeye researchers have found. The source of “ParseThru” – as the newly discovered vulnerability has been dubbed – is the use of unsafe URL parsing methods built in the language. About the “ParseThru” vulnerability GoLang is a popular cloud native programming language. It reduces the number of software development dependencies and … More


Burnout and attrition impact tech teams sustaining modern digital systems

Digitalization and rising consumer expectations are having a major impact on the working conditions of the technology teams sustaining the digital operations that drive the modern economy, and burnout and attrition are on the rise, according to PagerDuty. Technical employees are more likely to leave certain kinds of teams based on after-hours expectations and inconsistent workloads. Modern digital systems are complex and always-on, but as customers require more reliable systems, demands on technical teams increase, … More


Cyberattack prevention is cost-effective, so why aren’t businesses investing to protect?

Cyberattacks like ransomware, BEC scams and data breaches are some of the key issues businesses are facing today, but despite the number of high-profile incidents, many boardrooms are reluctant to free up budget to invest in the cybersecurity measures necessary to avoid becoming the next victim. In this Help Net Security interview, Former Pentagon Chief Strategy Officer Jonathan Reiber, VP Cybersecurity Strategy and Policy, AttackIQ, discusses how now, more than ever, companies need to protect … More


Now is the time to focus on software supply chain security improvements

The shift to cloud-native development, along with the increased speed in development brought about by the adoption of DevOps processes, has made the challenges connected with securing software supply chains infinitely more complex, according to recent research from Venafi. In this Help Net Security video, Kevin Bocek, VP of Security Strategy and Threat Intelligence, Venafi, discusses how CIOs are becoming increasingly concerned about the serious business disruptions, revenue loss, data theft, and customer damage that … More

Infosec products of the month: July 2022

Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Aqua Security, Cato Networks, CertiK, CoSoSys, CyberArk, Darktrace, Deloitte, EnGenius, Flashpoint, Fusion Risk Management, G-Core Labs, Kingston Digital, LogRhythm, N-able, NetApp, Orca Security, Persona, Rafay Systems, RangeForce, Rapid7, Resecurity, Runecast, Socura, and Teleport. Resecurity Digital Identity Protection defends individuals and businesses from identity theft The Digital Identity Protection solution leverages Resecurity’s threat intelligence data from dark web activity, data … More


Week in review: Attackers abandoning malicious macros, average data breach cost soars

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Israel’s new cyber-kinetic lab will boost the resilience of critical infrastructure In a building under construction at the Advanced Technologies Park in Be’er Sheva, the “cyber capital” of Israel, a new governmental lab is also taking shape: the National Cyber-Kinetic Lab for ICS and OT. Attackers are slowly abandoning malicious macros Malicious macro-enabled documents as vehicles for email-based malware delivery … More