Avoiding common integration pitfalls that set your organization back is critical in today’s fast-paced software development landscape. In today’s fast-paced software development landscape, DevOps has become the go-to approach for organizations looking to accelerate their application delivery. However, ensuring the security of applications in a DevOps environment is no small feat.

On July 24, a group of researchers at Midnight Blue announced TETRA:BURST, a set of five new vulnerabilities affecting the TETRA standard for radio communication.

According to the latest cybersecurity report of CNIL, the French data protection supervisor, France has seen a record of personal data breaches in 2021 — a near 80% increase from 2020. The CNIL carried out strict regulatory measures on French businesses and organizations in 2021, sending 135 formal notices that resulted in €214 million in fines and 18 sanctions. Nine sanctions were for inefficient data security.

Vulnerability disclosure programs (VDPs) are structured frameworks or processes for organizations to document, submit, and report security vulnerabilities to all other relevant organizations. Being ready and able to address vulnerabilities before they become problems is an essential part of any cybersecurity strategy. While VDPs are not currently required by law, the U.S. government encourages vulnerability disclosure programs as a proactive approach to cybersecurity.

The US Federal Bureau of Investigation (FBI) has warned of an increase in tech support scams that attempt to trick users into sending cash via snail mail.

In this article, we will see how to enable Enterprise SSO login (based on the SAML single sign-on protocol) using Okta for your Next.js app and relay role-based access directly from the Identity Provider to Cerbos. We'll be using BoxyHQ's open-source Enterprise SSO solution (called SAML Jackson) to interface with Okta. We'll use the principle of minimal UI and include only the necessary interface in our example application.

Recently, a team of experts from JumpSEC Labs discovered a vulnerability in Microsoft Teams that allows malicious actors to bypass policy controls and introduce malware through external communication channels. Leaving end-users susceptible to phishing attacks. Microsoft’s advice is to educate end-users to detect phishing attempts. One workaround would be to disable Microsoft Teams collaboration with external organizations.

SecurityScorecard recently joined the World Economic Forum’s Centre for Cybersecurity and UC Berkeley’s Center for Long-Term Cybersecurity (CLTC) for a private, invite-only workshop in Washington, DC alongside global leaders, CEOs, and CISOs to identify trends and insights that will most likely impact cybersecurity in the next decade of 2030 via future-focused scenarios with emerging cybersecurity challenges.

In GitGuardian's first digital conference, CodeSecDays, security leaders from multiple leading companies like Snyk, Chainguard, Doppler, RedMonk, and more came together to share the latest in code and application security.

Selecting an identity management solution is a critically important decision for any software organization. Identity management is a foundational component of good cloud security and can either be an enabler for scalability or a huge technical debt sink. Many organizations start with AWS by quickly throwing together their IAM infrastructure: some users, a few roles, and some policies.