Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

LLM Risks: Chaining Prompt Injection with Excessive Agency

Alongside an explosion in the popularity of large language models (LLMs) across many industries, there has also been an increase in the level of trust granted to these models. Whereas LLMs were once perceived as simple, friendly chatbots that could respond to basic questions or pull useful resources from the web based on user input, many have now been granted the ability to perform actions, anywhere from sending an email to deploying code. This is referred to as agency.

Azure Arc-Enabled Kubernetes Protection with CloudCasa: Edge to On-Prem Coverage

As more organizations adopt hybrid and edge computing models, the need for robust, unified data protection solutions for Kubernetes clusters has grown. With CloudCasa, your Kubernetes deployments across hybrid environments—whether running on Azure Stack HCI or on-premises (many of them managed by Azure Arc)—are fully protected, ensuring that your data is safe and recoverable, no matter the scenario.

CloudCasa November Feature Updates - Support KubeVirt!

Following our previous release by less than a month, our November feature update (which we are not coincidentally releasing just before KubeCon NA 2024) is dedicated to providing enhanced support for KubeVirt and KubeVirt-based systems such as SUSE Harvester and Red Hat OpenShift Virtualization. KubeVirt is a Kubernetes extension that lets users natively run traditional Virtual Machine (VM) workloads alongside container workloads in their Kubernetes or OpenShift clusters.

Mend.io is a Strong Performer in the Forrester Wave Software Composition Analysis, Q4 2024

It should be no surprise that the world runs on open source software. According to the latest Forrester Wave Software Composition Analysis Q4 2024 report an “astonishing 77% of codebases are comprised of open-source software.” Since a “considerable amount of an application’s risk is due to third-party sources,” software composition analysis (SCA) tools remain the lifeblood for securing modern applications and bringing greater transparency to the software supply chain.

How Bot Expertise Stopped the Google Translate Bot Proxy Technique

Bot attacks are evolving to become more sophisticated. Attackers have built businesses around the data and assets they extract with bots, so they constantly seek ways to bypass defenses. Developers work tirelessly to assess bot defenses and find new methods to evade them. Traditional, client-side defenses are visible to attackers, making it easier for them to bypass. But even advanced defenses must stay alert, embedding bot expertise to keep pace with these evolving tactics.

The InfoSec Guide to Dark Web Monitoring

Your customers’ stolen data could be for sale right now – and you might not even know it. The dark web is a thriving, shadowy marketplace where fraudsters trade credit card numbers, account details, session cookies, and even entire identities. On average, there were more than 2.5 million daily visitors to the dark web in 2023, showcasing the scale of this underground economy.

OpenShift Disaster Recovery: Ensuring Business Continuity

What happens if your critical OpenShift applications suddenly crash due to a major system failure or cyber attack? How fast could you bounce back and get things running again? Having a solid OpenShift disaster recovery plan isn’t just a nice-to-have — it’s essential for keeping your business going when the unexpected hits. This guide walks you through the key elements of building a strong disaster recovery setup for your OpenShift environment.

FedRAMP Certification and Data Security

Federal Risk and Authorization Management Program (FedRAMP) and State Risk and Authorization Management Program (StateRAMP) are pivotal frameworks for securing cloud services used by federal and state governments, respectively. These programs mandate stringent security protocols, emphasizing the need for organizations to manage and disclose third-party involvement in delivering software services to the government.

Introducing Veracode Risk Manager: A New Chapter in ASPM Built for Scale

In a digital world that’s evolving faster than ever, industry landscapes are shifting, and customer needs are becoming more complex. At Veracode, we recognize these fundamental changes in the application security space. That’s why Veracode strategically acquired Longbow Security, now rebranded as Veracode Risk Manager.