Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Streamline Compliance and Strengthen Data Protection Using Netskope's Integration with the ChatGPT Enterprise Compliance API

In the ever-evolving landscape of AI, maintaining compliance standards and ensuring secure usage of generative AI applications remains an important priority for enterprises. Across the globe, regulatory frameworks like the European Union’s AI Act have been established to ensure that AI systems are developed and deployed in a manner that prioritizes safety, transparency, ethics, and fundamental rights.

The Biggest Factors Influencing API Security Today

Application Programming Interfaces (APIs), with their ability to enable different software systems to communicate, have helped shape the digital world irrevocably. They allow developers to create more interoperable, scalable, efficient, and innovative digital services and applications across important industries such as retail, finance, manufacturing, and healthcare. However, with the explosion of API creation and usage comes inevitable risks.

15 Best API Security Tools in the Market in 2024

As the importance of APIs continues to grow and API traffic accelerates, ensuring their secure functionality is no longer an option—it is a necessity. Just think about recent hacks like the ones at T-Mobile and Finsify’s Money Lover app – which left millions of users exposed and vulnerable. As cyber threats evolve faster than ever, the quest for the perfect API security solution becomes a mission. With so many options, how do you know which fits your needs?

Secure API Management for LLM-Based Services

API Management is a comprehensive process that involves creating, publishing, documenting, and overseeing application programming interfaces (APIs) in a secure, scalable environment. APIs are the backbone of modern software architecture, enabling interoperability and seamless functionality across diverse applications. They facilitate the integration of different software components, allowing them to intercommunicate and share data efficiently.

Polyfill.io Supply Chain Attack: Malicious JavaScript Injection Puts Over 100k Websites At Risk

Polyfill.io helps web developers achieve cross-browser compatibility by automatically managing necessary polyfills. By adding a script tag to their HTML, developers can ensure that features like JavaScript functions, HTML5 elements, and various APIs work across different browsers. Originally developed by Andrew Betts, Polyfill.io injects JavaScript polyfill libraries based on the user agent or other characteristics, streamlining code maintenance.

Salt Security Empowers API Governance with New Posture Policies Hub

In today's digital age, applications are no longer monolithic structures but intricate mosaics of interconnected APIs. These APIs are the foundation of modern software and allow for smooth communication and data exchange, providing the dynamic functionality users expect. However, as connectivity increases, so does the risk of exposure to cyberattacks. The security of APIs has become extremely important as cyber threats target these crucial points.

CVE-2024-6387: New OpenSSH RegreSSHion Vulnerability Gives Hackers Root Access on Linux Servers - 700,000+ Linux Boxes Potentially at Risk

Labeled as CVE-2024-6387, the recently discovered vulnerability in OpenSSH has become a serious cause for concern among Linux servers. OpenSSH is a collection of networking tools built on the Secure Shell (SSH) protocol. It is widely utilized to secure remote logins, manage and administer remote servers, and transfer files through SCP and SFTP. Nicknamed as the “RegreSSHion Bug”, Researchers at Qualys initially identified the vulnerability in May 2024.

Alerts on Policy Breaches Now Available via API

All Surface Monitoring users can configure Attack Surface Policies directly from the new Domains page, enabling various combinations of characteristics that were previously unavailable. Users are now alerted when policy breaches occur directly through their integrated tools, such as Slack and Jira.

CVE-2024-5655: Latest GitLab API Vulnerability Threatens Customer Data Exposure

A security flaw that impacts specific versions of GitLab's Community and Enterprise Edition products was just detected. This vulnerability can be exploited to execute pipelines under any user's credentials. GitLab is a web-based DevOps platform offering tools for software development, version control, and project management. Launched as an open-source project in 2011, it has become a powerful solution used globally by millions.