remediation
Developing an effective cyberwarfare response plan
In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication. Izrael …
Detecting vulnerable code in software dependencies is more complex than it seems
In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within …
How to make Infrastructure as Code secure by default
Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through …
Strategies for preventing AI misuse in cybersecurity
As organizations increasingly adopt AI, they face unique challenges in updating AI models to keep pace with evolving threats while ensuring seamless integration into existing …
Does AI remediation spell the end for developers in 2024?
Big tech firms are already rolling out AI remediation tools to prevent developers from introducing security risks into the software development lifecycle (SDLC). In this Help …
The effect of omission bias on vulnerability management
Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has …
Vulnerability disclosure: Legal risks and ethical considerations for researchers
In this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in …
Scaling rapidly? Your application security strategies need to keep up
Modern application security strategies must support and enable modern software development, even as it rapidly scales, according to Mend.io. Just 52% of companies can …
How to go from collecting risk data to actually reducing risk?
Organizations trying to cope with securing their expanding attack surfaces eventually find themselves at a crossroads: they need to move beyond finding risks to effectively …
Keeping up with the demands of the cyber insurance market
Cyber insurance has been around longer than most of us think. When American International Group (AIG) launched the first cyber insurance policy in 1997, it stepped into …
Why zero trust delivers even more resilience than you think
Ten years ago, zero trust was an exciting, innovative perspective shift that security experts were excited to explore; today, it’s more likely to be framed as an inevitable …
Tackling cyber risks head-on using security questionnaires
In this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments …