New framework sets baseline for SaaS security controls
Managing security across dozens or even hundreds of SaaS apps has become a major headache. Each tool has its own settings, permissions, and logs, and most third-party risk …
Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius
A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those …
AI Security Map: Linking AI vulnerabilities to real-world impact
A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first …
19 ways to build zero trust: NIST offers practical implementation guide
The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled …
A third of organizations suffered a SaaS data breach this year
While SaaS security is finally getting the attention it deserves, there’s still a significant gap between intent and implementation. Ad hoc strategies and other practices …
Infosec products of the month: August 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, …
New infosec products of the week: August 9, 2024
Here’s a look at the most interesting products from the past week, featuring releases from: Rapid7, AppOmni, Contrast Security, Elastic, Cequence Security, Veza, ArmorCode, …
AppOmni unveils SaaS-aware ITDR capabilities
AppOmni announced a series of technology advances to deliver identity and threat detection (ITDR) capabilities to protect SaaS environments. The newest capabilities complement …
AppOmni introduces ZTPM for enhanced cisibility in SaaS security
AppOmni unveiled AppOmni Zero Trust Posture Management (ZTPM), a solution set that strengthens security in modern infrastructures by bridging a critical gap in network-centric …
PyRIT: Open-source framework to find risks in generative AI systems
Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks …
Securing AI systems against evasion, poisoning, and abuse
Adversaries can intentionally mislead or “poison” AI systems, causing them to malfunction, and developers have yet to find an infallible defense against this. In …
AskOmni simplifies and enhances SaaS security
AppOmni unveiled a groundbreaking advancement with the introduction of AskOmni. This AI-powered SSPM assistant developed by the AppOmni OmniScience team propels SSPM into new …
Featured news
Resources
Don't miss
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable
- Securing agentic AI with intent-based permissions