Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

indusface

What is an Authenticated Security Scan, And Why Is It Important?

Sep 21, 2023 By Gaurav Chauhan In Indusface
Many organizations today rely only on “unauthenticated” web application security scans, leaving their admin and user portals unchecked. While it is crucial to protect your system against external automated attacks, you shouldn’t ignore the possibility of a targeted attack from someone with valid logins. If your app lets anyone signup online, it could easily expose your business to attackers.
Read Post
Snyk

Snyk is named a Strong Performer as a first-time entrant in the Forrester Wave: Static Application Security Testing (SAST) Q3 2023

Sep 20, 2023 By Peter McKay In Snyk

In our first year participating in the Forrester Wave™: Static Application Security Testing (SAST) Q3 2023, we’re thrilled that Snyk has been recognized as a Strong Performer in a mature, yet evolving, enterprise software security category. Snyk is disrupting the SAST market with a developer-first approach to application security, illustrated by our position in strategy and market presence in the evaluation.

Read Post
protegrity

Why Log4j Wasn't the Developers' Fault: Understanding the Challenges of Modern Developers

Sep 20, 2023 By Protegrity In Protegrity

In today’s fast-paced digital world, software developers face many challenges as they work tirelessly to create and maintain applications that power our daily lives. The recent Log4Shell vulnerability, which exposed a critical flaw in the widely used Log4j library, has drawn widespread attention and criticism.

Read Post
cyberint

Vulnerabilities Within Law Enforcement Exposed

Sep 18, 2023 By Cyberint In Cyberint
On September 15th, 2023, it was announced that a company in Stockport, UK, responsible for producing ID cards for various organizations, including Greater Manchester Police, fell victim to a ransomware attack. The attack, conducted using ransomware, had significant implications. Thousands of police officers’ personal details, including their names, were at risk of exposure to the public domain.
Read Post
Snyk

Black Hat Asia customer panel recap: How to lead DevSecOps adoption

Sep 18, 2023 By Brian Piper In Snyk

DevSecOps is all about collaboration: facilitating a solid partnership between development and security teams. However, these collaboration efforts won’t succeed without help from leadership. Development and security teams need top-down support to set measurable goals, create a secure CI/CD pipeline, and establish a DevSecOps culture. Three experts came together at Black Hat Asia 2023 to discuss how leadership can participate in fostering security success.

Read Post
wallarm

2023 OWASP Top-10 Series: API8:2023 Security Misconfiguration

Sep 16, 2023 By Wallarm In Wallarm

Welcome to the 9th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners. This post will focus on API8:2023 Security Misconfiguration. In this series we are taking an in-depth look at each category – the details, the impact and what you can do about it.

Read Post
Featured Post
11:11 systems

You Can't Win: Learning to Live with Security Pessimism

Sep 15, 2023 By Alex Reid, Product Architect In 11:11 Systems
Cybersecurity can, at times, feel like a thankless and invisible task. The punishment for a mistake is immediate and ruthless, the reward for success next to non-existent, because how do you recognise the absence of a breach? But this isn't a new scenario; the IT industry has dealt with this outlook for decades. The job of an IT department is to be invisible, but when something does go wrong all eyes are inevitably on them to fix it.
Read Post
gitguardian

Three Recent Examples of Why You Need to Know How Vulnerable Your Secrets Are

Sep 15, 2023 By Nicolas DANJON In GitGuardian

In today's digital landscape, the issue of compromised credentials has become a major concern. Discover how renowned companies like Microsoft, VMware, and Sourcegraph were recently confronted with the threats of secrets sprawling.

Read Post
Snyk

Security implications of cross-origin resource sharing (CORS) in Node.js

Sep 13, 2023 By Victor Ikechukwu In Snyk

In modern web applications, cross-origin resource sharing (CORS) enables secure communication between applications hosted on different origins. Developers use CORS to access other applications’ services within their own. This approach eliminates the need to rewrite features from scratch, accelerating development time and improving the developer experience.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.