Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, …
application security
What could be the cause of growing API security incidents?
Noname Security announced the findings from its API security report, “The API Security Disconnect – API Security Trends in 2022”, which revealed a rapidly growing number of …
How can organizations benefit from full-stack observability?
New Relic published the 2022 Observability Forecast report, which captures insights into the current state of observability, its growth potential, and the benefits of …
Backlogs larger than 100K+ vulnerabilities but too time-consuming to address
Rezilion and Ponemon Institute announced the release of “The State of Vulnerability Management in DevSecOps,” which reveals that organizations are losing thousands of hours in …
How automation can solve application development challenges
Security Compass has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their …
How fast is the financial industry fixing its software security flaws?
Veracode released data revealing that the financial services industry ranks among the best for overall flaw percentage when compared to other industries, but has one of the …
Vulnerability in Amazon Ring app allowed access to private camera recordings
A vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been …
“ParseThru” vulnerability allows unauthorized access to cloud-native applications
A new vulnerability found in GoLang-based applications allows a threat actor to bypass validations under certain conditions and gain unauthorized access to cloud-native …
Positive trends in the application security space
ShiftLeft recently released their 2022 AppSec Progress Report, which evaluated how the changes and advancements in static application security testing (SAST) and intelligent …
Teams that shift security left and focus on attackability ship more secure code
ShiftLeft released its second annual AppSec Progress Report documenting critical trends in application security and how organizations are shifting security left to deal with …
SaaS security: How to avoid “death by 1000 apps”
SaaS applications have become synonymous with modern business environments, and CISOs and security teams struggle to find a happy medium between ensuring the security of their …
Why are current cybersecurity incident response efforts failing?
Business-critical applications, such as enterprise resource planning (ERP) systems provided by SAP and Oracle, are considered the crown jewels of the enterprise. These assets …