application security
Financial services need to prioritize API security to protect their customers
Noname Security and Alissa Knight, Partner at Knight Ink and recovering hacker, announced a research which unveils a number of vulnerabilities in the banking, cryptocurrency …
Creepy data collection and sharing remain common on popular apps
In a recent Mozilla review of the privacy features of 21 popular video call apps, only two were singled out for outstanding features (Signal and Threema). Meanwhile, three …
Organizations struggling to develop cloud applications that meet security requirements
According to a Security Compass research, in mid-sized to large enterprises, 50% of the software applications being developed are cloud based, and another 30% are expected to …
Checking for misconfigurations isn’t enough
Misconfiguration errors are often the main focus of security for cloud-native applications, and for good reason. Earlier this year, Hobby Lobby accidentally exposed 136 GB of …
40% of SaaS assets are unmanaged, putting companies at risk for data leaks
DoControl announced a report which provides data-driven insights into the growing number of external and insider threats due to vast amounts of unmanageable data in today’s …
Houdini malware returns, enterprise risk assessment compromised by Amazon Sidewalk
Cato Networks announced the results of its analysis of 263 billion enterprise network flows between April and June 2021. Researchers showed a novel use of Houdini malware to …
How to harden Kubernetes systems and minimize risk
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a report which details threats to Kubernetes environments and …
Increasing speed of vulnerability scans ultimately increases security fixes overall
Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their …
The destructive power of supply chain attacks and how to secure your code
In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques …
What is DataSecOps and why it matters
In this Help Net Security podcast, Ben Herzberg, Chief Scientist at Satori, explains what DataSecOps is, and illustrates its significance. Here’s a transcript of the podcast …
SAP applications more vulnerable than users might think
Many application owners are unaware of how vulnerable their SAP applications may be, significantly increasing the risks to their core enterprise systems. This is the overall …
Consumers neglecting mobile security despite growing number of threats
Over the past year, consumers have adapted to many changes, including the rapid shift towards a digital-first lifestyle. This has led to an emphasis on consumers dependence on …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)