Application Security News and Articles


Ramping Up: FedRAMP 300! A Quick Look at FedRAMP’s Journey

It has been a decade-plus since the Office of Management and Budget introduced FedRAMP (Federal Risk and Authorization Management Program) to support the government’s adoption of secure cloud services. In fact, FedRAMP just hit its 300th ...

5G surpasses expectations, becomes a global game-changer

5G connectivity has reached a tipping point globally as 5G networks are now active in 47 of the world’s 70 largest economies by GDP, according to Viavi. VIAVI revealed that there are 2,497 cities globally with commercial 5G networks, across 92 ...

Many Public Salesforce Sites are Leaking Private Data

A shocking number of organizations -- including banks and healthcare providers -- are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a ...

Swissbit iShield Key Pro safeguards online accounts, web services

With the iShield Key Pro, Swissbit is expanding its range of hardware security keys with more than simply another FIDO stick. Thanks to the addition of further security standards and features, the new security key provides even more flexibility ...

We’re one step closer to knowing how to comply with EO 14028

CISA’s draft self-attestation form, published today, is a step in the right direction in demystifying EO 14028 compliance. The post We’re one step closer to knowing how to comply with EO 14028 appeared first on Security Boulevard.

Why Overthinking Risk Will Turn You into Stone

Risk is an enabler of Analysis Paralysis. Organizations invest vast amounts of money, time, and human capital in identifying, analyzing, and reporting potential risks within their domain. While this ...

USENIX Enigma 2023 – Lana Ramjit, Cornell Tech – ‘Technology Abuse Clinics For Survivors Of Intimate Partner Violence’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s YouTube channel. The post USENIX Enigma 2023 – Lana Ramjit, Cornell Tech – ‘Technology ...

Cloud detection and response, a key asset for cloud security

With the continued move to the cloud, cloud detection and response helps security teams defend their cloud applications and infrastructure. The post Cloud detection and response, a key asset for cloud security appeared first on Security Boulevard.

Building a Kubernetes Platform: How & Why to Apply Governance and Policy

A Platform, sometimes called an "internal developer platform," is a unified infrastructure that allows development teams in a company to deliver applications rapidly and consistently. Out of the box, Kubernetes is a very powerful platform, but ...

DevOps vs. DevSecOps Process: How to Ensure Your Organization Has a Security Mindset

In this blog post, we’ll explore the shift from DevOps to DevSecOps and discuss some practical tips for your organization when moving from DevOps to DevSecOps. The post DevOps vs. DevSecOps Process: How to Ensure Your Organization Has a ...

Salt Security Wins Stevie® Award for Most Innovative Tech Company of the Year

What a week we’re having – and it’s only Thursday! RSA has been action-packed, meeting with customers, showing off our new product enhancements, and booking time with new prospects. Interest in API security is running at an all-time high, ...

Imperva® and Fortanix Partner to Protect Confidential Customer Data

Imperva Data Security Fabric and Fortanix Data Security Manager combine to provide end-to-end data security. Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, and Fortanix, ...

Bots-as-a-Service (BaaS): A New Era of Automated Bot Attacks

Bots-as-a-service (BaaS) is a cloud-based platform that offers pre-built bots to automate mundane tasks such as customer support, data entry, and information retrieval. This trend in app development helps businesses save time and increase ...

Randall Munroe’s XKCD ‘Definition of e’

via the comic artistry and dry wit of Randall Munroe, resident at XKCD! The post Randall Munroe’s XKCD ‘Definition of e’ appeared first on Security Boulevard.

Lessons and Takeaways from the FBI’s 2022 Internet Crime Report

Spanning 32 pages and featuring statistics galore, there’s a lot to unpack in the FBI’s 2022 Internet Crime Report. The Bureau’s Internet Crime Complaint Center (IC3) compiled the 2022 report based on 800,944 complaints of cyberattacks and ...

CAPTCHA 4WP version 7.2.0 is out now

We are happy to announce the release of CAPTCHA 4WP version 7.2.0. This version adds some very useful features and a number of improvements and bug fixes that’ll surely make it a great upgrade for anyone running this plugin - and many more ...

Independent of their Apps, bad actors banned by various executive orders have pixels/trackers on everyday websites 

“[China can] manipulate content, and if they want to, to use it for influence operations” – FBI Director Chris Wray “To maintain the security of data owned by the state of Nebraska, and to safeguard against the intrusive cyber ...

What Is Break/Fix? Pros, Cons and Why It’s Declining in Popularity

Until a decade ago, IT service providers supported their clients using primarily a break/fix model. When called, they traveled to... The post What Is Break/Fix? Pros, Cons and Why It’s Declining in Popularity appeared first on ...

How We Built a Supply Chain Security Watchtower: Meet SaaS-Sentinel

SaaS-Sentinel is a free monitoring platform that notifies users when their favorite tool might be under attack, helping them stay on top of supply chain risks. Here is the full story of this innovative project that seeks to democratize the use of ...

Axiad Honored with a Coveted Stevie in 2023 American Business Awards

It has already been a good year for Axiad from an awards standpoint, with the... The post Axiad Honored with a Coveted Stevie in 2023 American Business Awards appeared first on Axiad.