This is the second instalment of a two-part blog post. The blogs are based on one of our “AppSec Talk” YouTube videos, featuring Kondukto Security Advisor Ben Strozykowski and Rami McCarthy, a seasoned security engineer with experience at Figma and Cedar Cares. In that video, Ben and Rami delved into the critical role developers play in the security program and the application security lifecycle.

With external threats looming as a constant source of potential disruption, multiple government agencies have coordinated to compile a catalog of Known Exploited Vulnerabilities (KEV). The Known Exploited Vulnerabilities Catalog, or KEV catalog, is a database of actively exploited vulnerabilities, including those that have been exploited by ransomware campaigns, that can help application security professionals in the public and private sectors monitor threats and prioritize fixes.

In an era where cyber threats are constantly evolving, protecting your identity and data from unauthorized access is more critical than ever. That's why we're excited to bring you the enhanced multifactor authentication (MFA) for Elastic Cloud. This feature significantly strengthens the security of your Elastic Cloud user and deployment data by aligning with industry best practices. You can go to Elastic Cloud and complete your MFA setup today.

In the fast-paced, large-scale world of digital business, establishing and managing an acceptable risk tolerance related to user identities — both human and machine — is a critical element of organizational security. At the forefront of this challenge is the need to strike the right balance between ensuring robust security and maintaining an environment that doesn’t impede innovation. After all, identities are the new perimeter in the cloud.

Foundationally, the OWASP Top 10 for Large Language Model (LLMs) applications was designed to educate software developers, security architects, and other hands-on practitioners about how to harden LLM security and implement more secure AI workloads. The framework specifies the potential security risks associated with deploying and managing LLM applications by explicitly naming the most critical vulnerabilities seen in LLMs thus far and how to mitigate them.

Google Workspace is a popular suite of cloud-based productivity and collaboration tools that enables users to create, co-edit, and share documents, spreadsheets, presentations, and more. While Google Workspace has many benefits, more than the platform is needed to meet the needs of businesses looking for more control, security, and governance over their critical content. They need a partner solution that integrates seamlessly with Google and prioritizes secure content collaboration - in comes Egnyte.

Read also: A massive botnet that infected over 200K devices worldwide disrupted, a Chinese man charged for phishing attacks on NASA, and more.