feature6 notable API security initiatives launched in 2023API security is climbing the agenda for organizations and the wider cybersecurity community. Here are six initiatives rolled out in 2023 that tackle API security issues.By Michael HillSep 19, 20237 minsApplication SecurityCloud SecuritySecurity Practices news analysis New Kubernetes vulnerability allows privilege escalation in WindowsBy Lucian ConstantinSep 13, 20234 minsDevSecOpsApplication SecurityVulnerabilitiesnews Cisco Secure Application brings app and security teams togetherBy Samira SarrafSep 12, 20233 minsDevSecOpsApplication SecurityCloud Security newsCode Intelligence unveils new LLM-powered software security testing solutionBy Michael Hill Sep 12, 20234 minsDevSecOpsGenerative AIApplication Security featureThe CSO guide to top security conferencesBy CSO Staff Sep 08, 202318 minsTechnology IndustryIT SkillsEvents newsDevelopers have security, other generative AI concerns but use it anywayBy Jon Gold Sep 05, 20233 minsDevSecOpsGenerative AIApplication Security newsBitbucket integrates Arnica’s application security toolsBy Michael Hill Aug 31, 20233 minsDevSecOpsApplication Security featureHow CISOs can shift from application security to product securityBy Ericka Chickowski Aug 30, 202310 minsApplication SecuritySoftware Development newsImmuniWeb releases Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknessesBy Michael Hill Aug 24, 20233 minsMobile SecurityApplication SecurityVulnerabilities Articlesnews analysisMost popular generative AI projects on GitHub are the least secureResearchers use the OpenSSF Scorecard to measure the security of the 50 most popular generative AI large language model projects on GitHub.By Michael Hill Jun 28, 2023 5 minsGenerative AIApplication SecurityOpen Sourcenews analysisFileless attacks surge as cybercriminals evade cloud security defensesThreat actors are concealing campaigns to evade detection and establish stronger footholds in compromised systems.By Michael Hill Jun 27, 2023 5 minsCyberattacksSupply ChainApplication SecuritynewsBaffle launches new user interface to simplify application data securityBaffle Manager 2.0 adds REST APIs, secrets store, certificate store, and SSO to fully automate data protection over SaaS workflows.By Shweta Sharma Jun 21, 2023 3 minsApplication SecurityData and Information SecuritySecurity SoftwarenewsTeam Cymru launches threat-hunting tool aims to fast-forward analysisThe new scouting tool for threat hunting and malicious infrastructure analysis promises to level up users’ security operation centers.By Samira Sarraf Jun 19, 2023 2 minsThreat and Vulnerability ManagementApplication SecurityData and Information Securityfeature5 best practices to ensure the security of third-party APIsThe application programming interface (API) has become integral to setting up functionality and flexibility. But they’re also potential attack vectors that need to be high on the security team’s radar.By Linda Rosencrance Jun 15, 2023 8 minsApplication SecurityData and Information SecuritySupply Chainnews analysisAttackers set up rogue GitHub repos with malware posing as zero-day exploitsThe threat actor created fake personas on Twitter for researchers at a non-existent security firm.By Lucian Constantin Jun 14, 2023 4 minsDevSecOpsCyberattacksApplication SecuritynewsRezilion releases agentless runtime software vulnerability management solutionSoftware supply chain security vendor claims to have discovered that true, non-agent-based runtime vulnerability analysis is possible by harnessing cloud APIs.By Michael Hill Jun 14, 2023 3 minsThreat and Vulnerability ManagementSupply ChainApplication Securitynews analysisAttackers use Python compiled bytecode to evade detectionNewly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.By Lucian Constantin Jun 02, 2023 6 minsDevSecOpsCyberattacksApplication Securityfeature6 ways generative AI chatbots and LLMs can enhance cybersecurityGenerative AI chatbots and large language models can be a double-edged swords from a risk perspective, but with proper use they can also improve cybersecurity in key waysBy Michael Hill May 25, 2023 8 minsGenerative AIApplication SecurityData and Information Securitynews analysisLegitimate looking npm packages found hosting TurkoRat infostealerThe malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.By Lucian Constantin May 19, 2023 5 minsMalwareSupply ChainApplication SecuritynewsOX Security adds ChatGPT plugin for AppSecOX-GPT plugin promises natural-language security analysis for application security teams.By Jon Gold May 18, 2023 3 minsDevSecOpsGenerative AIApplication SecuritynewsIBM acquires Polar Security, bolstering data security capabilitiesIBM’s purchase of Israel-based application data security startup Polar will see that company’s data security posture management technology integrated into IBM’s Guardium lineup of products.By Jon Gold May 17, 2023 2 minsApplication SecurityMergers and Acquisitions Show more Show less View all Resources whitepaper Detect Malicious Activity and Protect Your Containerized Workloads in Amazon EKS or AWS As containerized applications become increasingly complex, it can be challenging to design and execute an effective container security strategy. This e-book looks at Calico's capabilities for detecting network-based attacks. The post Detect Malicious Activity and Protect Your Containerized Workloads in Amazon EKS or AWS appeared first on Whitepaper Repository. By AWS and Tigera 12 Sep 2023Application ManagementApplication SecurityBusiness Operations whitepaper Apps & APIs SOTI Part 1 By Akamai Technologies Inc 07 Sep 2023APIsApplication Performance ManagementApplication Security whitepaper Slipping Through the Security Gaps: The Rise of Application and API Attacks By Akamai Technologies Inc 07 Sep 2023APIsApplication Performance ManagementApplication Security View all Podcasts podcastsA Hard Look at Software SecurityIn Season 2 of our podcast series, we'll discuss the implications and mandates generated by Veracode's most recent State of Software Security report. Our industry experts will pick up from Season 1's highlights to take a closer look at application security today. Listeners will learn more about: The impact security debt is having across industries The changing attitudes and priorities put around application security How the average number of days to fix software flaws has almost tripled since the last report The case for scanning early and often 12 episodesApplication Security Ep. 12 Frequency matters: the case for scanning early and often, part 2 Jan 15, 202014 mins Application SecurityData and Information SecuritySecurity Ep. 08 Unresolved flaws: security debt grows deeper Jan 15, 202011 mins Application SecurityData and Information SecuritySecurity Video on demand videoWhat's ahead for cybersecurity in 2019: TECH(talk)J.M. Porup, senior writer at CSO online, joins Juliet on this week’s episode of TECH(talk) to discuss trends in ransomware, IoT security and enterprise cybersecurity roles. Feb 01, 2019 25 minsRansomwareTechnology IndustryCyberattacks 6 security reasons to upgrade to Windows 10 Jul 25, 2018 1 minsApplication SecurityPrivacyWindows Don't ignore application security | Salted Hash Ep 35 Jul 23, 2018 18 minsApplication SecurityVulnerabilitiesSecurity The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34 Jul 03, 2018 16 minsData BreachApplication SecurityCybercrime See all videos Explore a topic Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security View all topics All topics Close Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos news analysis DHS unveils one common platform for reporting cyber incidents By Cynthia Brumfield Sep 25, 202310 mins RegulationRegulationRegulation news Chinese state actors behind espionage attacks on Southeast Asian government By Shweta Sharma Sep 25, 20234 mins Advanced Persistent ThreatsCyberattacks feature How to pick the best endpoint detection and response solution By Linda Rosencrance Sep 25, 202310 mins Intrusion Detection SoftwareSecurity Monitoring SoftwareData and Information Security podcast CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO podcast CSO Executive Sessions Australia with Siddiqua Shaheen, Head of Cyber Governance at Lander & Rogers Sep 07, 202317 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO video CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO video What is zero trust security? Sep 06, 20233 mins AuthenticationZero TrustNetwork Security video CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO