application security

Need to improve application security? Reduce friction between developers and security teams
Tromzo has released the findings from their report, based on a survey of 403 US-based application security practitioners who work at organizations where their development team …

What is challenging secure application development?
A Censuswide report reveals the biggest security challenges that application security (AppSec) managers and software developers are facing within their organizations in …

Financial services need to prioritize API security to protect their customers
Noname Security and Alissa Knight, Partner at Knight Ink and recovering hacker, announced research that unveils a number of vulnerabilities in the banking, cryptocurrency …

Creepy data collection and sharing remain common on popular apps
In a recent Mozilla review of the privacy features of 21 popular video call apps, only two were singled out for outstanding features (Signal and Threema). Meanwhile, three …

Organizations struggling to develop cloud applications that meet security requirements
According to Security Compass research, in mid-sized to large enterprises, 50% of the software applications being developed are cloud based, and another 30% are expected to …

Checking for misconfigurations isn’t enough
Misconfiguration errors are often the main focus of security for cloud-native applications, and for good reason. Earlier this year, Hobby Lobby accidentally exposed 136 GB of …

40% of SaaS assets are unmanaged, putting companies at risk for data leaks
DoControl announced a report which provides data-driven insights into the growing number of external and insider threats due to vast amounts of unmanageable data in today’s …

Houdini malware returns, enterprise risk assessment compromised by Amazon Sidewalk
Cato Networks announced the results of its analysis of 263 billion enterprise network flows between April and June 2021. Researchers showed a novel use of Houdini malware to …

How to harden Kubernetes systems and minimize risk
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released a report which details threats to Kubernetes environments and …

Increasing speed of vulnerability scans ultimately increases security fixes overall
Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their …

The destructive power of supply chain attacks and how to secure your code
In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques …

What is DataSecOps and why it matters
In this Help Net Security podcast, Ben Herzberg, Chief Scientist at Satori, explains what DataSecOps is, and illustrates its significance. Here’s a transcript of the podcast …