Perhaps you have recently seen some shocking statistics concerning the prevalence of identity theft, or perhaps you have a close friend who has gone through a terrible and stressful fraud situation. Even worse, you could already be familiar with the terrifying consequences of identity theft. Whatever the situation, you probably feel helpless to take any action to safeguard yourself. You’re not alone; this feeling is widespread.

Remember the era when we all bought software on DVDs and CDs from stores with literally zero worry about security? Well, the time has changed, and we have gone all digital, including purchasing software where security is at stake. So how does one know if a particular software is legit and hasn’t been accessed by a third party? This is where Code Signing Certificates come to the rescue! So, does one get them?

A customer posed this question to me recently; after pausing and smiling (a little too) broadly, he continued, “Their lips are moving.” I thought this would be funnier if it weren’t partly true. The software industry has over-promised and under-delivered for years, making technical executives rightfully skeptical when they hear a new promise. Unfortunately, it’s common for software to lack promised features or to create new headaches when deployed across the enterprise.

The internet’s evolution is transforming our way of life in real time. That includes the experience of being a parent, and to an even greater degree, a young person. Today, it’s not uncommon for kids to have an online presence before losing their first teeth. But we’re only just starting to learn about the impact of these changing habits, and the challenges they’re creating for families around the globe.

Whenever we browse anything on the internet or perform any activity, we leave our trails on the internet. Those trails are digital trails and are called digital footprints. Here we have used the word activities that include everything like visiting a website, sending emails and submitting any information in any online form.

Snyk Code supports various languages important in the cloud native arena, Ruby being among them (and we’ve seen great adoption, so thank you!). Our researchers are constantly monitoring our rule sets, using our training set of open source projects, but also — and, yes this is an advantage of a SaaS service — how the rules do on the code that is scanned. Just as a reminder, Snyk does not use your code to train our sets — but we do aggregate usage statistics.

Having lived and worked in Dubai early in my career, I have a great affinity with the Middle East. So when the opportunity to present at Gitex, the region’s premier technology event, and support our local Lookout team, I jumped at it. You might not think of the Middle East as being at the forefront of technological innovation, but if you stroll around Gitex, you’ll find everything from flying cars, robotics, and environment controls to IT and security.

Sumo Logic’s security team is thrilled to be named a Visionary in the 2022 Gartner® Magic Quadrant™ for Security Information and Event Management (SIEM) report. We are honored to be recognized for the second year in a row as a Visionary, which we feel reflects our Completeness of Vision and our Ability to Execute.

ModSecurity is an open-source web application firewall (WAF) engine maintained by Trustwave. This blog post discusses multiple input interpretation weaknesses in the ModSecurity project. Each input interpretation weakness could allow a malicious actor to evade some ModSecurity rules. Both ModSecurity v2 and ModSecurity v3 were affected. The issues have been addressed in v2.9.6 and v3.0.8, respectively.

Get the most out of your Black Duck open source audit by understanding the report components and next steps you need to take.