Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Technology

Arctic Wolf

Why SIEM Is Not Right for SaaS Security

Dec 8, 2023 By Arctic Wolf In Arctic Wolf

When security information and event management (SIEM) tools came to the market over a decade ago, many practitioners considered the combination of information management and event management groundbreaking. Since then, the technology has gone through iterations to improve and enhance its capabilities, including the incorporation of user and entity behavior analytics (UEBA), machine learning and AI capabilities, and “out-of-the-box” configurations for smaller organizations to rely on.

Read Post
graylog

Leveraging OpenAPI as a Core Element of API and Application Security

Dec 8, 2023 By Robert Dickinson In Graylog

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Read Post
Featured Post
noname security

How Unsecured APIs Can Eat Up Retail Revenue

Dec 7, 2023 By Karl Mattson, Field CISO In Noname Security
The retail sector has experienced transformational change with the introduction and widespread adoption of digital technology. The sector has seen an extreme level of transformation; from physical storefronts, through the early days of internet retailing, all the way up to the modern retail and eCommerce ecosystem. This transformation has required the adoption of new technology at each stage, with APIs the current foundational building block, enabling the necessary connections between retailers, consumers and the supply chain. However, given the resulting amount of personal identifiable information (PII) on offer, retail is an extremely attractive target for cybercriminals to exploit vulnerabilities for financial gain.
Read Post
securitysenses

Maximizing Efficiency: The Significance of TDM for Sensitive Data

Dec 7, 2023 By SecuritySenses In SecuritySenses
Organizations dealing with sensitive information must prioritize Test Data Management, a critical practice in the era of data-driven operations. The importance of precision in handling sensitive data cannot be overstated. This article explores the key reasons why utilizing Test Data Management (TDM) for sensitive data is not just beneficial but imperative for ensuring smooth operations and minimizing risks.
Read Post

Code Signing with Azure Key Vault: Create a Key Vault, Generate CSR and Import Certificate

Dec 7, 2023 By SignMyCode In SignMyCode
In today’s digital landscape, where data security is paramount, protecting your private keys, generating certificates, and managing secure connections is crucial. Microsoft Azure KeyVault offers a robust and reliable solution for handling these critical security aspects. Follow the Video to Manage your Keys and Code Signing Certificates on Microsoft Azure KeyVault. You can Buy Code Signing Certificates for Azure Key Vault to Digitally Sign your Executables and Packages.
View Video
indusface

Critical OWASP Mobile Top 10 2023 Vulnerabilities [+Mobile App Pen-testing Checklists]

Dec 7, 2023 By Vinugayathri Chinnasamy In Indusface

Get Android & iOS App Penetration Testing Checklists with OWASP Top 10 Securing mobile applications poses distinct challenges compared to websites. Mobile apps require specialized attention with risks ranging from secure data transfer to device-specific vulnerabilities. Businesses need the right resources and guidance to protect their mobile applications. The OWASP Mobile Top 10 is a good starting point as it outlines the risks and provides actionable tips for mitigating risks.

Read Post
gitguardian

Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions

Dec 7, 2023 By Guest Expert In GitGuardian

In code security, not everything is "shift left." Dynamic testing is as important to help developers build and ship secure applications on the right-hand side of the SDLC. Let's explore the benefits, pitfalls, and popular open-source DAST tools in this blog post from the Escape team.

Read Post
bearer

Introducing Bearer Assistant

Dec 7, 2023 By Guillaume Montard In Bearer

Artificial Intelligence (AI) is a hot topic these days, especially across the security industry. There's hardly a day when we don't read about its potential to create an impact on our lives, for better or worse. As a security company, we truly believe in the potential of AI, but we didn't want to jump into the deep end without careful consideration as we followed the buzz with a healthy amount of skepticism.

Read Post

AI Reality Check: Navigating High False Positives Today | Proceed with Caution | Razorthorn Security

Dec 6, 2023 By Razorthorn In Razorthorn
In this eye-opening video, we dive deep into the current state of AI, shedding light on a significant challenge it grapples with - a high false positive rate. While optimism is warranted for the future, I candidly express my belief that we are still a number of years away from achieving true production readiness.
View Video

Copyright © 2023 OpsMatters™. All rights reserved.