Application Security News and Articles


Never Trust Your Application’s Supply Chain with Security

To understand why the application supply chain is an area that should not be overlooked, we must first understand the current cyber threat landscape and how modern applications are built.

USENIX Security ’22 – Shimaa Ahmed, Ilia Shumailov, Nicolas Papernot, Kassem Fawaz – ‘Towards More Robust Keyword Spotting for Voice Assistants’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.

Podcast: Insider Threat Trends and Challenges

Steven Bowcut interviews Sanjay Raja, Gurucul’s VP of Product Marketing and Solutions in the Brilliance... The post Podcast: Insider Threat Trends and Challenges appeared first on Gurucul.

Eliminate security vulnerabilities with app modernization

Cybersecurity is non-negotiable. So, when it comes to enterprise budgets, it’s the one place we typically don’t see cuts — even in an unpredictable economic environment. In fact, cybersecurity recently surpassed innovation as the number one ...

Building Trust Through VRM and Compliance Automation

Most of today’s organizations, small to large, have outsourced some of their business functions to third-party vendors. Working with outside vendors has become standard practice, whether for efficiency, convenience, cost reduction, or to enable ...

Tackle TikTok Bans and Social Media Policy Changes with Operational Governance

In the wake of many governments and organizations banning TikTok and social media usage on employee devices, Netography has introduced a new operational governance dashboard that provides analysts with real-time comprehensive views of all social ...

Intel Paid Out Over $4.1 Million via Bug Bounty Program Since 2017

Intel paid out more than $935,000 through its bug bounty program in 2022, but found over half of the vulnerabilities internally. The post Intel Paid Out Over $4.1 Million via Bug Bounty Program Since 2017 appeared first on SecurityWeek.

Top Russian Cybercrime Forums in 2023

Cybercrime forums provide an outlet for threat actors to coordinate, exchange information, and conduct illicit trades. Often hosted on the dark web (but sometimes accessible via the clear web), these forums are hubs of malicious activity. The ...

Tactical Threat Intelligence: Cybercriminals, TTPs, and More

Cyber threat intelligence plays a critical role in a proactive cybersecurity strategy. By gathering and analyzing data, security teams and company leaders are able to make quick and effective decisions about cyber security strategies and attacks. ...

5 Steps to Implementing a Data Governance Framework

Data governance can be a daunting task. This blog breaks down 5 simple steps to implement a successful and manageable data governance framework. The post 5 Steps to Implementing a Data Governance Framework appeared first on Security Boulevard.

Comic Agilé – Mikkel Noe-Nygaard, Luxshan Ratnarav – ‘##229 – Secrecy’

via the respected Software Engineering expertise of Mikkel Noe-Nygaard as well as the lauded Software Engineering and Enterprise Agile Coaching talent of Luxshan Ratnarav at Comic Agilé!

Strategic Threat Intelligence: The Definitive Guide

Modern technology has created a world where threat actors are continuously adapting new tools and techniques with the main goal of stealing data from companies. In today’s digital age, traditional defensive security measures are no longer ...

Threat Hunting Content Platform: Supercharge Your Threat Hunting

As a security professional, you understand the crucial role that threat hunting plays in protecting your organization from cyber attacks. Threat hunting involves proactively searching for signs of malicious activity on your organization’s ...

Entitle Unfurls Cloud Platform to Manage Permissions

Entitle today launched a namesake cloud platform for managing permissions based on specific intervals of predetermined time. Fresh from raising $15 million in seed funding, Entitle CEO Ron Nissim said the company’s platform makes it possible ...

Google Paid Out $12 Million via Bug Bounty Programs in 2022

Google rewarded over 700 researchers in 2022 for contributions to its bug bounty program, with the highest single payout at $605,000. The post Google Paid Out $12 Million via Bug Bounty Programs in 2022 appeared first on SecurityWeek.

Supply Chain Security: Sigstore and Cosign (Part II)

The ability to sign and verify the integrity and origin of software artifacts, such as Docker images, is critical to supply chain security. Let's try Sigstore, a new standard that promises to make this process much easier.

MixMode Named Among Top Cybersecurity Companies to Watch in 2023 by CRN

CRN took a look at the channel-focused security vendors that have unveiled major partner program updates in the first quarter of 2023, including MixMode.

Developers beware: Imposter HTTP libraries lurk on PyPI

While monitoring different malicious packages found in public software repositories, ReversingLabs researchers have noticed an increase of malicious HTTP libraries on the Python Package Index (PyPI) repository. Actually, we should air-quote ...

Is Cyber Liability Insurance a Moral Hazard in the US?

The post Is Cyber Liability Insurance a Moral Hazard in the US? appeared first on Security Boulevard.

Surprise! US DoD Server Had no Password — 3TB of Sensitive Data Leaked

Sensitive military data found on unprotected Microsoft Azure server. Defense Department email store left insecure for at least 11 days. The post Surprise! US DoD Server Had no Password — 3TB of Sensitive Data Leaked appeared first on Security ...