Application Security News and Articles


Does Your CLM Integrate with Your Tech Stack? Here’s Why It Should

The challenges enterprise IT security teams face today are nothing like they were five years ago. Today enterprises face globally distributed networks of bad actors that wield increasingly sophisticated technological and social tools, designed to ...

The Truth About Why Malicious Links Get Through Security

KNOWN FACT: Malicious links are hosted on legitimate services like Google, Microsoft, AWS (Amazon Web Services), Wix, GoDaddy and many others, and these services are thought safe by many security services. The malicious links are open doors to ...

Splunk Enterprise Updates Patch High-Severity Vulnerabilities

Splunk updates for Enterprise products resolve multiple high-severity vulnerabilities, including several in third-party packages. The post Splunk Enterprise Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

February 2023 Patch Tuesday | Microsoft Fixes 3 Actively Exploited Zero-Days

Microsoft released major security updates for a total of 75 Windows vulnerabilities, nine of which are rated “Critical,” 66 are rated “Important,” and three zero-days that have been exploited in the wild. The full list can be found in the ...

Abusing Azure App Service Managed Identity Assignments

Intro Azure App Service is a Platform-as-a-Service product that promises to improve web application deployment, hosting, availability, and security. Web Apps hosted by Azure App Service are organized into Azure App Service Plans, which are ...

Customer Story | Rush City Schools Improves Google Workspace Visibility With Automated Risk Detection

District Technology Coordinator, James Hatz, Keeps Data Secure And Students Safe In Google Workspace With ManagedMethods Located in Rush City, Minnesota, Rush City Schools #139 is home to over 860 students and 150 staff. The district offers ...

USENIX Security ’22 – Javad Ghareh Chamani, Dimitrios Papadopoulos, Mohammadamin Karbasforushan, Ioannis Demertzis – ‘Dynamic Searchable Encryption with Optimal Search in the Presence of Deletions’

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX Security ’22 – Javad Ghareh Chamani, Dimitrios ...

Less talk, more action: High hopes for CISA’s C-SCRM software supply chain security office

The US Cybersecurity and Infrastructure Security Agency (CISA) is making moves in 2023 to put all of its recent policy and guidance work around software supply chain security into action. Earlier this month, the agency announced a risk management ...

Kubernetes Clinic: Learn How to Check Your Kubernetes Cluster Health

At the beginning of a new year, we all want to start doing things to make ourselves healthier, more productive, or happier. Your Kubernetes clusters deserve the same kind of love! This is a great time to determine whether your clusters are the ...

How to Use Domain Scanning for Vulnerability Management

Domain names are vital to a company’s online presence — and a leading driver of external attack surface risk. Learn how domain scanning supports proactive vulnerability management. The post How to Use Domain Scanning for Vulnerability ...

NOC vs. SOC: Understanding the Differences

Network operations center (NOC) and security operations center (SOC) are major buzzwords in the IT world, and for a goodRead More The post NOC vs. SOC: Understanding the Differences appeared first on Kaseya. The post NOC vs. SOC: Understanding ...

Introducing the RiskLens Cybersecurity Risk Report

If I’ve learned anything about the mindsets of CISOs and other security decision-makers, it’s that data rules. The post Introducing the RiskLens Cybersecurity Risk Report appeared first on Security Boulevard.

Secure 5G Networks Key for Business and Society

As 5G networks continue to roll out, cybersecurity is top-of-mind for communication service providers (CSPs). The telecom industry was the most targeted vertical, attracting 37% of security attacks compared to 14% for the next-highest industry ...

CRA Cybersecurity Year in Review Report

The Cybersecurity Year in Review Report from CyberRisk Alliance (CRA) starts with a trendy title—“Everything, Everywhere, All At Once”—and proceeds into a document as chaotic, informative, and hopeful as the referenced film. Where We’ve ...

Dozens of Vulnerabilities Patched in Intel Products

Intel has released patches for multiple critical- and high-severity vulnerabilities across its product portfolio. The post Dozens of Vulnerabilities Patched in Intel Products appeared first on SecurityWeek.

FireMon Policy Analyzer – Understanding Your Assessment

If you’re reading this blog, you’re likely interested in learning more about FireMon Policy Analyzer or have just run your first assessment and are curious how to get the most out of your results. Either way, we’re excited you’re here! As ...

FireMon Policy Analyzer Delivers Powerful, Free Solution to Combat Firewall Misconfigurations

The industry’s first no-cost firewall assessment tool that quickly identifies configuration errors and high-risk rules The post FireMon Policy Analyzer Delivers Powerful, Free Solution to Combat Firewall Misconfigurations appeared first on ...

Oligo Security Mitigates Open Source Vulnerabilities at Runtime

Oligo Security today launched a runtime application security and observability platform that enables cybersecurity teams to detect and prioritize open source code vulnerabilities based on severity without affecting performance. Fresh from raising ...

Ransomware Closed 2022 With a Bang, Fueled by RaaS

It comes as no surprise that, as last year came to a close, Microsoft was tracking more than 50 unique active ransomware families and more than 100 threat actors that were using ransomware in their attacks. After all, ransomware is still a ...

Descope Targets Customer Identity Market with Massive $53M Seed Round

Descope raises an abnormally large $53 million seed-stage funding round for technology in the customer identity and authentication space. The post Descope Targets Customer Identity Market with Massive $53M Seed Round appeared first on SecurityWeek.