newsGoogle expands minimum security guidelines for third-party vendorsGoogle's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features.By John P. Mello Jr.Dec 08, 20234 minsApplication SecuritySupply Chain news BSIMM 14 finds rapid growth in automated security technologyBy John P. Mello Jr.Dec 06, 20234 minsApplication SecurityApplication SecurityNetwork Securityfeature What should be in a company-wide policy on low-code/no-code developmentBy Ericka ChickowskiDec 06, 202315 minsApplication SecuritySecurity Practices featureThe CSO guide to top security conferencesBy CSO Staff Dec 01, 20236 minsTechnology IndustryIT SkillsEvents brandpostSponsored by Wing SecurityThis new SaaS security solution aims to disrupt the market with its ‘freemium’ approachBy Wing Security Nov 06, 20235 minsApplication Security newsMicrosoft pledges cybersecurity overhaul to protect products and servicesBy Michael Hill Nov 02, 20239 minsInternet SecurityInternet SecurityInternet Security newsBackSlash’s new ASPM combines existing AppSec with context-based risk prioritizationBy Shweta Sharma Nov 01, 20233 minsApplication Security newsFailure to verify OAuth tokens enables account takeover on websitesBy Lucian Constantin Oct 27, 20237 minsAuthenticationApplication SecuritySecurity Practices feature6 most common types of software supply chain attacks explainedBy Ax Sharma Oct 25, 202315 minsCyberattacksCyberattacksCyberattacks ArticlesnewsGoogle Workspace to gain AI-enabled security, digital sovereignty controlsThe enhancements are designed to better protect sensitive data, harden admin access controls, and provide more flexibility on where data is stored and processed.By Michael Nadeau Aug 23, 2023 6 minsEmail SecurityGenerative AIApplication SecuritynewsContainer security probes provide continuous penetration testingActive security for containerized systems is here, as Prelude Security launches new, tiny testing agents.By Jon Gold Aug 23, 2023 3 minsDevSecOpsApplication SecuritynewsCustomer-configured rules now the biggest contributor to mitigated trafficNew research also shows old CVEs are still exploited en masse with HTTP anomalies the most common API attack vector.By Michael Hill Aug 22, 2023 3 minsAPIsApplication SecurityVulnerabilitiesnewsThe top new cybersecurity products at Black Hat USA 2023Here are the top cybersecurity tools, platforms, capabilities, services, and technologies launched at Black Hat USA 2023 that you need to know about.By Shweta Sharma Aug 09, 2023 8 minsEmail SecurityThreat and Vulnerability ManagementApplication SecuritynewsCode42’s Incydr identifies source and destination of source code The SaaS solution has been updated to better detect propriety source code movement.By Samira Sarraf Aug 08, 2023 3 minsDevSecOpsDevSecOpsApplication SecuritynewsAkamai unveils API Security solution to stop API attacks, detect abuseThe solution works with any API gateway, WAAP, or cloud implementation and features a managed threat hunting service.By Michael Hill Aug 02, 2023 3 minsThreat and Vulnerability ManagementThreat and Vulnerability ManagementThreat and Vulnerability ManagementnewsVast majority of organizations are no longer vulnerable to MOVEitOrganizations are remediating MOVEit vulnerabilities 21 times faster compared to other vulnerabilities, according to research by Bitsight. By Apurva Venkat Jul 24, 2023 4 minsApplication SecurityVulnerabilitiesfeatureWhy API attacks are increasing and how to avoid themGrowing use of APIs give attackers more ways to break authentication controls, exfiltrate data, or perform disruptive acts.By Maria Korolov Jul 24, 2023 20 minsApplication SecurityData and Information SecurityVulnerabilitiesnewsChainguard adds automated SBOMs, vulnerability scanning to Enforce With the added features, Enforce can now generate and ingest software bills of materials for container images, automate vulnerability scans and generate reports. By Shweta Sharma Jul 19, 2023 3 minsApplication SecuritynewsJFrog adds new DevOps capability for vetting external packagesJFrog Curation vets and blocks infected open source or third-party packages before they enter development.By Shweta Sharma Jul 12, 2023 3 minsApplication SecurityDevopsnewsEvolving web applications raise security concerns, push budgetsOPSWAT study found about three-fourths of organizations pushing their security budgets over evolving applications with unsecured infrastructure.By Shweta Sharma Jul 12, 2023 3 minsCSO and CISOApplication Securitynews analysisMost popular generative AI projects on GitHub are the least secureResearchers use the OpenSSF Scorecard to measure the security of the 50 most popular generative AI large language model projects on GitHub.By Michael Hill Jun 28, 2023 5 minsGenerative AIGenerative AIGenerative AI Show more Show less View all Resources whitepaper Unified Security from Code to Cloud for Financial Services Reduce risk, improve visibility, and take action with end-to-end application security powered by Aqua and AWS The post Unified Security from Code to Cloud for Financial Services appeared first on Whitepaper Repository. By AWS and Aqua 28 Nov 2023Application Performance ManagementApplication SecuritySecurity whitepaper State of Code Security: The AppSec Maturity Marathon Infographic By OpenText 24 Oct 2023Application SecurityBusiness OperationsCloud Security whitepaper State of Code Security: The AppSec Maturity Marathon By OpenText 24 Oct 2023Application SecurityBusiness OperationsSecurity View all Podcasts podcastsSponsored by VeracodeA Hard Look at Software SecurityIn Season 2 of our podcast series, we'll discuss the implications and mandates generated by Veracode's most recent State of Software Security report. Our industry experts will pick up from Season 1's highlights to take a closer look at application security today. Listeners will learn more about: The impact security debt is having across industries The changing attitudes and priorities put around application security How the average number of days to fix software flaws has almost tripled since the last report The case for scanning early and often 0 episodeApplication Security Ep. 12 Frequency matters: the case for scanning early and often, part 2 Jan 15, 202014 mins Application SecurityData and Information SecuritySecurity Ep. 08 Unresolved flaws: security debt grows deeper Jan 15, 202011 mins Application SecurityData and Information SecuritySecurity Video on demand videoWhat's ahead for cybersecurity in 2019: TECH(talk)J.M. Porup, senior writer at CSO online, joins Juliet on this week’s episode of TECH(talk) to discuss trends in ransomware, IoT security and enterprise cybersecurity roles. Feb 01, 2019 25 minsRansomwareTechnology IndustryCyberattacks 6 security reasons to upgrade to Windows 10 Jul 25, 2018 1 minsApplication SecurityPrivacyWindows Don't ignore application security | Salted Hash Ep 35 Jul 23, 2018 18 minsApplication SecurityVulnerabilitiesSecurity The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34 Jul 03, 2018 16 minsData BreachApplication SecurityCybercrime See all videos Explore a topic Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security View all topics All topics Close Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos news analysis LogoFAIL attack can inject malware in the firmware of many computers By Lucian Constantin Dec 08, 20238 mins MalwareMalwareCybercrime news New CISO appointments 2023 By CSO Staff Dec 08, 202328 mins CSO and CISOCSO and CISOCSO and CISO news Top cybersecurity product news of the week By CSO staff Dec 07, 202322 mins Generative AISecurity podcast CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison Nov 20, 202315 mins CSO and CISO podcast CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University Oct 16, 202315 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape Oct 10, 202316 mins CSO and CISO video CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison Nov 20, 202315 mins CSO and CISO video AI and Cybersecurity: Speed Bumps, Training, and Communication Nov 06, 202317 mins CyberattacksGenerative AI video CSO Executive Sessions Australia with Robbie Whittome Oct 16, 202315 mins CSO and CISO