
5 steps to boost your application security testing ROI
Even in the era of AI hype, spending more does not necessarily mean spending wiser.

How artificial intelligence fits into cybersecurity
Ask these questions to help distinguish between a promising machine learning technology and marketing hype.

Newly elected French president raises questions in trying to dupe hackers
The emerging trend of cyber deception, revealed by Emmanuel Macron, may be a slippery slope.
How CISOs can overcome cybersecurity pollution
How to assess a cybersecurity vendor in a simple, unbiased and efficient manner?

RSAC 2017: The end of easy cash bounties
Industry evolution eliminates bug hunters' chances of getting easy cash for trivial vulnerabilities.
Ransomware 2.0: Anatomy of an emerging multibillion business
What to expect from and how to resist the fastest growing sector of cybercrime in 2017?
Shall we care about zero-day?
Gartner says that 99% of exploited vulnerabilities are publicly known. Does it mean we can ignore zero-days?
Name and shame cybersecurity: a gift for cybercriminals?
Cybersecurity “name and shame” practice may significantly boost global cybercrime.
Cybersecurity: is it really a question of when, not if?
Can you imagine your banker saying “it’s not a question of if I lose your money, but when will I lose your money”?
Fake attacks by insiders to fool companies
Famous cybercrime groups and hacktivist “brands” may be a smokescreen to cover sophisticated insider attacks.
Can crowd security testing be cost efficient for web apps?
Can Bug Bounty programs be a cost-efficient complement for security testing of modern web applications?

Infosec16: keep your cybersecurity strategy simple to win
Infosecurity Europe 2016 highlighted a great variety of emerging cybersecurity threats. Keeping things simple can help CISOs a lot.

Web application security risks: Accept, avoid, mitigate or transfer?
Web application security is a very hot topic these days. What shall CISOs do with the related risks?

Five most common myths about Web security
Chasing trendy APTs, we tend to forget about a common-sense approach and holistic risk assessment.
Blackhole exploit kit author sent to jail: Pyrrhic victory for the cybersecurity industry
The imprisonment is a defeat rather than a victory for our industry if we look carefully into the details.

Cybersecurity spending: more does not necessarily mean better
Cybersecurity is not something you can just buy, but something you should thoroughly build.
Why PCI DSS cannot replace common sense and holistic risk assessment
Cybersecurity compliance is not designed to eliminate data breaches or stop cybercrime.
Web Application Firewall: a must-have security control or an outdated technology?
Can WAF be an efficient security control for modern web applications?

Five rules to conduct a successful cybersecurity RFP
It’s too early to speak about a cybersecurity bubble, however, it becomes more and more difficult to distinguish genuine security companies, with solid in-house technologies, and experts with flashy marketing and FUD (Fear,...
Facebook scandal or can bug bounties replace traditional web security?
Can a crowd-sourcing approach to web security testing work for your corporate applications?