Application Security News and Articles


5 AppSec Predictions for 2023

For better or worse, these are the AppSec trends that are likely to be popular in the new year. Check them out. The post 5 AppSec Predictions for 2023 appeared first on GuardRails.

New infosec products of the week: March 3, 2023

Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Fastly, Forescout, ManageEngine, and Veeam Software. Forescout XDR enables SOC teams to reduce the attack surface: Forescout XDR is an eXtended ...

The role of human insight in AI-based cybersecurity

To unleash the power of AI, it’s essential to integrate some human input. The technical term is Reinforcement Learning from Human Feedback (RLHF): a machine-learning technique that uses human feedback to train and improve the accuracy of an AI ...

Vulnerabilities of years past haunt organizations, aid attackers

Known vulnerabilities – those for which patches have already been made available – are the primary vehicle for cyberattacks, according to Tenable. The Tenable report categorizes important vulnerability data and analyzes attacker behavior to ...

What Is the Difference Between Authentication and Authorization?

In today’s digital age, online security is a critical concern for individuals and businesses alike. With the increasing amount of sensitive information stored and shared online, it’s essential to have strong security measures in place to ...

Attackers are developing and deploying exploits faster than ever

While there was a reduction in the widespread exploitation of new vulnerabilities in 2022, the risk remains significant as broad and opportunistic attacks continue to pose a threat, according to Rapid7. Deploying exploits: Attackers are developing ...

ML practitioners push for mandatory AI Bill of Rights

The AI Bill of Rights, bias, and operational challenges amid tightening budgets are pressing issues affecting the adoption of ML as well as project and initiative success, according to Comet. “Our latest survey comes as ML practitioners are ...

Forescout XDR enables SOC teams to reduce the attack surface

Forescout revealed Forescout XDR, a solution designed to aid enterprises in detecting, investigating, and responding to an extensive range of sophisticated threats throughout their extended enterprise. A typical SOC is flooded with 450 alerts per ...

Fastly Managed Security Service protects enterprises from web application attacks

Fastly introduced Fastly Managed Security Service, a service for threat detection and response available around the clock, aimed at assisting businesses in mitigating the risk of web application attacks and minimizing the costs incurred due to ...

WatchGuard ThreatSync equips organizations with XDR capabilities

WatchGuard launched ThreatSync, a comprehensive XDR solution included as part of WatchGuard’s Unified Security Platform architecture that provides XDR technology for WatchGuard Network and Endpoint Security products. WatchGuard ThreatSync ...

ManageEngine adds security and risk posture management dashboard to Log360

ManageEngine has added a security and risk posture management dashboard to Log360, its unified security information and event management (SIEM) solution with integrated DLP and CASB capabilities. Enterprises can leverage this new feature to ...

Ermetic’s new capabilities empower users to detect misconfigurations in Kubernetes

Ermetic revealed that its Cloud Native Application Protection Platform (CNAPP) can now automatically detect and correct misconfigurations, compliance violations, and risky or excessive privileges in Kubernetes clusters for its customers. Unlike ...

CISA launches Decider to make MITRE ATT&CK more accessible for network defenders

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Homeland Security Systems Engineering and Development Institute (HSSEDI), has released Decider, a tool for mapping adversary behavior to the MITRE ATT&CK ...

Rezonate expands coverage to all major identity providers to prevent identity threats

Rezonate has announced its latest native integration with Microsoft Azure AD, Okta, and Google Workspace in addition to existing cloud infrastructure support. These integrations further advance Rezonate’s mission to discover, detect and ...

ThreatHunter.ai FIRST EYES helps organizations mitigate cyber threats

ThreatHunter.ai launched FIRST EYES, a solution intended to aid organizations lacking strong cybersecurity measures in handling possible threats and defending against the increasing frequency of cyber assaults. FIRST EYES presents a timely ...

MSPAlliance Cyber Verify helps MSPs achieve compliance

MSPAlliance unveiled Cyber Verify, a Compliance-as-a-Service platform that not only facilitates MSPs in achieving compliance but also enables them to offer compliance services to their customers. The platform has been developed to streamline the ...

Wipro releases 5G Def-i to accelerate connectivity integrations

Wipro has launched its “5G Def-i” platform which empowers businesses to seamlessly transform their infrastructure, networks and services. Many organizations have failed to maximize their return on connectivity investments due to the challenge ...

Highlights from the New U.S. Cybersecurity Strategy

The Biden administration today issued its vision for beefing up the nation's collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for ...

Threat Actor TTPs & Cyber Threat Intelligence

Intelligence-driven cybersecurity is proactive. And proactive cybersecurity drives better defenses by improving the ability to anticipate threats, increase situational awareness, and reduce attack surfaces. Today’s cyber threat landscape sees ...

Geopolitical Intelligence: The Definitive Guide

Geopolitics and cybersecurity for organizations of all kinds are increasingly linked. This has become increasingly clear in the past year with Russia’s invasion of Ukraine, which has been called the world’s first hybrid war — attacks have ...