Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Dude, Where's My Documentation?

This is a public service announcement: The not-so-simple act of securing applications produces a lot of documentation, including playbooks and policies, that isn’t typically needed on a daily basis. But when a zero-day event occurs, such as the recent CrowdStrike incident, application security teams had better be able to find everything they need—and fast. Sadly, in both big and small companies, missing and outdated documentation is rampant.

New NIST Zero Trust Guidance Reinforces Agent Hygiene Value

This week, the National Institute of Standards and Technology (NIST) released “Implementing a Zero Trust Architecture (NIST SP 1800-35)” for public comment. The guide is written by NIST’s National Cybersecurity Center of Excellence (NCCoE) in collaboration with 24 cybersecurity companies. NCCoE has opened up comments for this Zero Trust Architecture (ZTA) guide, now in its fourth draft, through Sept. 30, 2024, as part of a 60-day review cycle.

AI in the enterprise: 3 ways to mitigate AI's security and privacy risks

Artificial Intelligence (AI) has the potential to revolutionize how businesses operate. But with this exciting advancement come new challenges that cannot be ignored. For proactive security and IT leaders, prioritizing security and privacy in AI can’t simply be a box-checking exercise; it's the key to unlocking the full potential of this wave of innovation.

Non-human Identities - Permissions, Third-Party Vulnerabilities and Risk

Non-human identities (NHIs) dominate the era of cloud services and SaaS applications. They are the identities that authenticate between different servers, APIs and third-party integrations to provide programmatic access to data and services. Non-human identities utilize different protocols, such as OAuth, REST and SSH.

A security expert's view on Gartner's generative AI insights - Part 2

Welcome to the second part of our two-part special on Gartner’s “4 Ways Generative AI Will Impact CISOs and Their Teams” report! If you’ve missed the first part on model composition, you can read it here. Today, we will explore why security specialism matters in an AI security tool, particularly where AI quality is concerned.

NEW in Elastic Security 8.15: Automatic Import, Gemini models, and AI Assistant APIs

Elastic Security 8.15 is now available, enhancing our mission to modernize security operations with AI-driven security analytics. Key features include the brand new Automatic Import to streamline data ingestion and onboarding, support for Google’s Gemini 1.5 Pro and Flash large language models (LLMs), a new set of APIs for the Elastic AI Assistant, on-demand file scans for the Elastic Defend integration, and a redesigned way of pivoting between different contexts.

The V-model and its role in testing embedded software

Embedded software development presents unique challenges due to its close integration with hardware, strict real-time requirements, and the need for high reliability and safety. The V-Model, also known as the Verification and Validation model, offers a structured approach that effectively addresses these challenges. This blog post delves into the V-Model's intricacies and elucidates how it enhances the testing of embedded software.

Data Governance & Compliance: Navigating the Digital Maze

Is your company grappling with an increasing volume and complexity of information? A strong data governance framework is essential to harness the power of data while lessening risks. This strategic framework ensures data is managed effectively, meets quality standards, and supports informed decision-making. As regulatory compliance burdens intensify, data governance has become critical to organizational success.

Stories from the SOC - Sowing the Seeds of Cybercrime: The Credential Harvester

Cyber attackers are constantly innovating new ways to compromise users and steal credentials. Among these techniques, credential harvesting through phishing attempts is one of the most prevalent methods. This deceptive strategy often involves attackers creating a fake site that mirrors a legitimate login page.