Approov offers free pinning generator tool to protect against automated attacks on APIs
Approov introduced the Mobile Certificate Pinning Generator, a free tool to help mobile-first companies make Man-in-the-Middle (MitM) attacks targeting mobile app APIs a thing …
OWASP Top 10 2021: The most serious web application security risks
The definitive OWASP Top 10 2021 list is out, and it shows that broken access control is currently the most serious web application security risk. How is the list compiled? …
Sharing knowledge and moving towards securing all the things!
Originally a software developer (for 17 years), Tanya Janca, CEO of We Hack Purple, switched to security seven years ago. She founded the company to share as much knowledge as …
ShiftLeft Educate provides consistent and contextual training for developers of different skill levels
ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow. …
Why XSS is still an XXL issue in 2021
Cross-site scripting (XSS) attacks take advantage of coding flaws in the way websites or web applications generate input from users. Despite their longstanding reputation as a …
ShiftLeft allows users to validate the accuracy of ShiftLeft CORE using OWASP Benchmark
ShiftLeft has released a tool enabling businesses to independently benchmark and validate the accuracy of ShiftLeft CORE using the Open Web Application Security Project …
Most mobile finance apps vulnerable to data breaches
77% of financial apps have at least one serious vulnerability that could lead to a data breach, an Intertrust report reveals. This report comes at a time where finance mobile …
A leadership guide for mitigating security risks with low code platforms
The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs). The …
Wind River’s enhancements deliver cybersecurity and anti-tamper protection
Wind River announced security enhancements to Wind River Studio, a cloud-native platform for the development, deployment, operations, and servicing of mission-critical …
Cequence Security API Sentinel 2.0 helps orgs strengthen their runtime API protections
Cequence Security announced the release of API Sentinel 2.0, adding powerful features that will help organizations strengthen their runtime API protections by “shielding …
OWASP SAMM version 2: Analyze and improve organizational security posture
The OWASP SAMM (Software Assurance Maturity Model) is a community-led open-sourced framework that allows teams and developers to assess, formulate, and implement strategies …
Security pitfalls to avoid when programming using an API
OWASP’s API Security Project has released the first edition of its top 10 list of API security risks. The most common and perilous API security risks API abuse is an …
Featured news
Sponsored
Don't miss
- Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
- LastPass users targeted by vishing attackers
- Protobom: Open-source software supply chain tool
- The key pillars of domain security
- Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)