Threats, Attacks, and Vulnerabilities: Your guide to building a security strategy for cloud apps
In this special edition webinar you’ll hear from Ami Dave, CISO of Fanatics about how Datadog enables Fanatics to scale securely.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Application Security
The latest News and Information on Application Security including monitoring, testing, and open source.
How to Easily Generate An Accurate SBOM with Black Duck SCA | Black Duck
Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Watch the video to streamline your SBOM generation process and take control of your software supply chain. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain.
Building Security In Maturity Model or BSIMM from Black Duck | Black Duck
Black Duck BSIMM Assessments helps organizations plan, implement, and measure their software security initiatives. A BSIMM assessment provides an objective, data-driven evaluation that leaders seeking to improve their security postures can use to base decisions about resources, time, budget, and priorities.
The Evolving Role of CISOs: Yaron Levi on Security and Collaboration
Yaron Levi on Security and Collaboration.
Nucleus Security Positioned as a Growth Leader in Frost Radar: Application Security Posture Management, 2024
In September 2024, Frost & Sullivan released its Frost Radar: Application Security Posture Management (ASPM), 2024, highlighting the leaders in this rapidly growing market. We’re proud to be recognized as a top player, reflecting our strong growth and impact in the ASPM space. Our customers use Nucleus to achieve a comprehensive and unified application security posture.
Security in FinTech: Q&A with Dan Kindler, co-founder & CTO of Bound
Hi, I’m Dan Kindler and I’m the CTO and co-founder of Bound. We focus on making currency conversion and hedging cheap, fair, and most of all, easy. Our platforms help hundreds of businesses protect themselves from currency risk across the world. Currently, about half of our team is composed of engineers.
Ruby affected by CVE-2024-45409
CVE-2024-45409 is a critical vulnerability in the Ruby-SAML (affecting versions up to 12.2 and from 1.13.0 to 1.16.0) and OmniAuth SAML libraries. It hence effectively poses a security risk for unpatched versions of GitLab (read more on the GitLab blog). This vulnerability arises from improper verification of the SAML Response signature. An attacker with access to any signed SAML document can forge a SAML Response or Assertion with arbitrary contents.
The future of agentic AI and Quantum Summit highlights | The Shift October 2024 Preview
In this edition of The Shift, Outshift’s quarterly newsletter, we focus on all things AI — including an exclusive interview with SVP Vijoy Pandey on what the future of AI has in store and an announcement of an exciting new partnership with our GenAI product Motific.
The Essential Role of CIEM: Stopping Multi-Cloud Identity-based Threats
Enterprises are increasingly adopting multi-cloud environments to take advantage of the flexibility and scalability of different cloud platforms. However, this shift has also introduced a major security challenge: the rise of identity-based threats. With 82% of data breaches now involving cloud-stored data, securing cloud identities has become a critical need. The complexity of managing identities and permissions across multiple cloud platforms only amplifies the risks.
Linux Kernel effected by CVE-2023-2163
CVE-2023-2163 is a critical vulnerability in the Linux Kernel, specifically affecting kernel versions 5.4 and above (excluding 6.3). This vulnerability arises from incorrect verifier pruning in the Berkeley Packet Filter (BPF), leading to unsafe code paths being incorrectly marked as safe. The vulnerability has a CVSS v3.1 Base Score of 8.8, indicating its high severity. The consequences are arbitrary read/write in kernel memory, lateral privilege escalation and container escape.