Application Security News and Articles
Nov 11, 2025 - Jeremy Snyder - In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application's popularity, numerous companies and organizations have found themselves vulnerable to ...
Nov 11, 2025 - Jeremy Snyder - A common analogy for APIs is that they are LEGO blocks, or more specifically, APIs are the little studs and slots that allow you to attach LEGO pieces to each other and build something bigger than any individual ...
Nov 11, 2025 - Jeremy Snyder - On April 5, 2023, during UK Cyber Week, our CEO Jeremy Snyder will present, “API security - what is it, why you should care, and how to protect your org”.
The session, part of the OT & IT Cyber Security ...
Nov 11, 2025 - Jeremy Snyder - McLean, Va. - Jan. 24, 2023 - FireTail Inc., a disruptor in API security, today announced the appointment of Timo Rüppell to the executive leadership team as Vice President of Product. In conjunction with bringing ...
Nov 11, 2025 - Alan Fagan - CYFIRMA is an external threat landscape management platform that combines cyber intelligence with attack surface discovery and digital risk protection to deliver early warning, personalized, contextual, outside-in, and ...
Nov 11, 2025 - Jeremy Snyder - API Security: Why the Gap
Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a ...
Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication.
The post ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics appeared first on ...
This is why AIs are not ready to be personal assistants:
A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, ...
TL;DR
Applications face thousands of attack attempts monthly, yet traditional security tools miss the ones that matter most. New data from Contrast Security reveals that while WAFs, EDR, and SIEM platforms excel at their designed functions, they ...
Nov 11, 2025 - Jeremy Snyder - Understanding Cybersecurity Maturity Models (CMM)
Cybersecurity maturity models offer valuable guidance for organizations seeking to enhance their security posture. While the Cybersecurity Maturity Model ...
Nov 11, 2025 - Jeremy Snyder - IDOR Attacks: Common And Deadly
IDOR attacks, or Insecure Direct Object Reference (IDOR) attacks, are one of the most common and costly forms of API breach. In an IDOR attack, hackers directly reference internal ...
AI chatbots boost enterprise efficiency but expand the attack surface. Learn about vulnerabilities like prompt injection, data leakage, and API exploits — and how to secure them.
The post Evaluating the Attack Surface of AI Chatbots Deployed in ...
AI-driven automation is transforming cloud security by detecting anomalies in real time, and enabling intelligent threat response.
The post Cloud Security Automation: Using AI to Strengthen Defenses and Response appeared first on Security ...
What is Encoding? Encoding is a process of transforming the data into different parameters to enhance its compatibility, usefulness, and to transmit it through various systems and applications. Therefore, the main purpose of encoding is not ...
Firewalla has announced the release of MSP 2.9, the latest update to its Managed Security Portal (MSP). The update is now available to all MSP Early Access users. Firewalla MSP is a web-based platform designed for security and infosec ...
Veterans Day Poster Competition - via The United States Department of Veteran's Affairs: Veterans Day Poster Competition - Each year the Veterans Day National Committee publishes a commemorative Veterans Day poster. The Committee selects a poster ...
What is ChatGPT? ChatGPT is a conversational AI that has been created by OpenAI and is based on the ability to understand and generate text that is in many ways similar to how a human being would write it, given an input. It belongs to a line of ...
In this Help Net Security interview, Chris Wheeler, CISO at Resilience, talks about how CISOs are managing changing cybersecurity budgets. While overall spending is up, many say the increases don’t match their most pressing needs. Wheeler ...
Police use drones, body cameras, and license plate readers as part of their daily work. Supporters say these tools make communities safer. Critics see something different, a system that collects too much data and opens the door to abuse. When ...
Cybersecurity leaders are hitting their limit. A new report from Nagomi Security shows that most CISOs are stretched thin, dealing with nonstop incidents, too many tools, and growing pressure from their boards. The pressures are so intense that ...
