Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

The Right Steps to SASE: Understand Where You're Going

When undertaking a new project, the need to deliver quantifiable results today (or at least very quickly!) is a significant challenge facing a CIO, CISO, or anyone with high-level responsibility for enterprise networking and security. Unlike typical IT projects where long development cycles may be tolerated, security must demonstrate value right away and deliver quick wins. Vulnerability is scary.

Live From RSAC: Is Digital Transformation Making AppSec Headless?

Chris Wysopal, Veracode Co-Founder and CTO, recently sat down with Tom Field, ISMG Senior Vice President of Editorial, for an executive interview at the RSA Conference 2021 to discuss if digital transformations are making application security (AppSec) “headless.”

Live From RSAC: AppSec's Future and the Rise of the Chief Product Security Officer

Chris Wysopal, Co-Founder and CTO at Veracode, and Joshua Corman, Chief Strategist of Healthcare and COVID at CISA, presented at the 2021 RSA Conference on AppSec’s future and the need for a new Chief Product Security Officer (CPSO) role. Wysopal started by quoting entrepreneur Marc Andreessen saying, “Software is eating the world,” to express just how much we rely on technology. From our iPhones and laptops to our cars and even our refrigerators … software is everywhere.

What is API Security and how to protect them

APIs are a key part of modern web application development transforming how organizations build, manage, and scale their web and mobile services. In this blog we discuss why APIs are the new web application security, highlighting the growing challenges of API security risks and sharing best practices for preventing API attacks.

Why Google's new privacy labels are important

When Apple released their privacy nutrition labels, it was seen as a key turning point in platform-level privacy. Even so, while Apple holds control of mobile device profits and industry mind share, they do not account for the majority of mobile devices globally—especially in developing countries. The iPhone is expensive, and therefor any of its privacy protections become a benefit only to those that can afford their devices.

Confessions of an Information Security Engineer

Here’s the story of an information security engineer whose organization urgently needed new security log management stack that would enable him and his peers to not only survive but really thrive. In this Log’s Honest Truth podcast, presented in partnership with ITSP Magazine, Julian Waits, GM of the Devo cyber business unit & public sector, discusses the confessions of “Mr. B,” an information security engineer. Mr.

Streamlining Security Incident Management & Responses

In order to get a grasp on how to ease security incident management and response processes, there are terms to be clarified first. First of all, a security incident is the common name of an attack towards an organization’s cybersecurity system, network, or data in general. In addition, TechSlang also includes successful attacks within the term “incident”. Therefore, whether impactful or not, all types of attacks, violations, or exploitations can be described as security incidents.

Top 5 Cybersecurity Threats and Vulnerabilities in 2021

As the pandemic starts to fade, it can be easy to fall into a false sense of security. While there’s finally an end to COVID-19 insight, the cybersecurity pandemic rages on. 2020 was a record year for cybercrime, and the same threats will plague 2021. Amid the disruptions of 2020, many businesses embraced remote work, cloud services, and IoT technologies. These changes, in turn, led to a shifting cybersecurity landscape as cybercriminals adapted and new threats emerged.