remediation
China-linked spies backdoored authentication stack to stay hidden for years
A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the …
Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered …
The 2026 State of Pentesting: Why delivery and follow-through matter more than ever
Penetration testing has evolved significantly over the past several years. While uncovering exploitable vulnerabilities remains the core goal, the real differentiator today is …
Downtime pushes resilience planning into security operations
CISOs describe a shift in how they define success. New research from Absolute Security shows broad agreement that resilience outweighs security goals centered on prevention …
Fragmented tooling slows vulnerability management
Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new …
Financial services can’t shake security debt
In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” …
Exposed and unaware? Smart buildings need smarter risk controls
75% of organizations have building management systems (BMS) affected by known exploited vulnerabilities (KEVs), according to Claroty.
Developing an effective cyberwarfare response plan
In this Help Net Security interview, Nadir Izrael, CTO at Armis, discusses how AI has transformed cyberwarfare by amplifying attacks’ scale and sophistication. Izrael …
Detecting vulnerable code in software dependencies is more complex than it seems
In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within …
How to make Infrastructure as Code secure by default
Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through …
Strategies for preventing AI misuse in cybersecurity
As organizations increasingly adopt AI, they face unique challenges in updating AI models to keep pace with evolving threats while ensuring seamless integration into existing …
Does AI remediation spell the end for developers in 2024?
Big tech firms are already rolling out AI remediation tools to prevent developers from introducing security risks into the software development lifecycle (SDLC). In this Help …
Featured news
Resources
Don't miss
- Your browser tab could become encrypted storage for someone else’s files
- Law enforcement hits SocGholish: 106 servers down, 15,000 sites cleaned
- 74,000 Fortinet firewall credentials exposed in FortiBleed data leak
- GentleKiller targets more than 400 security processes across 48 products
- Securing digital keys when your phone unlocks the car