Writing reliable and user-friendly web applications takes significant knowledge, skill, and experience; writing secure web applications introduces a whole new level of complexity.

Since early September, Cloudflare's DDoS protection systems have been combating a month-long campaign of hyper-volumetric L3/4 DDoS attacks. Cloudflare’s defenses mitigated over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (Tbps). The largest attack peaked 3.8 Tbps — the largest ever disclosed publicly by any organization. Detection and mitigation was fully autonomous.

Support for cloud security posture management (CSPM) misconfigurations: Our enhanced CSPM tools vigilantly monitor cloud infrastructures for misconfigurations, compliance violation and security gaps, providing complete visibility into security posture early in the development cycle and saving SecOps teams time.

Testing Classic AUTOSAR applications has long been a significant challenge due to the reliance on hardware-in-the-loop (HiL) setups, which are costly, complex, and hard to scale. Code Intelligence’s new lightweight AUTOSAR simulator revolutionizes this process by enabling entire AUTOSAR applications to run on x86 Linux systems, thus facilitating software-in-the-loop (SiL) testing.

Artificial intelligence (AI) is increasingly embedded in modern organisations—from standalone generative AI apps to AI copilots in popular SaaS platforms, and the integration of self-hosted or public large language models (LLMs) in private applications tailored to specific business needs. The recently introduced EU AI Act sets out to regulate AI development and usage, ensuring that AI systems are safe, ethical, and respect fundamental rights.

Do you want to make sure your QR code security practices are keeping your business and customers safe? If so, you're in the right place! QR codes (Quick Response codes) are barcodes that store data for people who scan them with their device, usually a smartphone. QR codes have many great uses, such as helping customers learn more about your products and making it easy for them to download your app.

North Korea uses remote IT roles to infiltrate global organizations, threat actors exploit third-party infrastructure to deliver spam, and a new report sheds light on political deepfakes.

Yesterday, Elastic Security Labs released the 2024 Elastic Global Threat Report, a comprehensive look at more than 1 billion data points from Elastic’s unique telemetry. The report provides insights into the methods, techniques, and trends of threat actors from the perspective of defenders — giving crucial insights for security teams to prioritize and improve their security posture.

What are some of the growing cybersecurity risks in the modern software development landscape that keep CISOs busy? Developers and security teams face an ever-increasing array of threats, from sophisticated open source and vendor-controlled supply chain attacks to vulnerabilities introduced by AI-generated code like prompt injection and poor code security by GitHub Copilot.

Corporate boards are tasked with ensuring that sensitive information—ranging from intellectual property (IP) and end-user information to sales statistics—is handled securely. As data becomes an ever-more valuable asset, so too do the risks associated with mismanagement.