In case 2020 wasn’t dystopian enough, here’s some more unbelievable news. On July 15, 2020, social media giant Twitter admitted it fell victim to a security breach. The attackers targetted 130 Twitter accounts, including several belonging to high-profile individuals such as elected officials; former president Barack Obama; and business leaders including Bill Gates, Jeff Bezos, and Elon Musk.

See their previous blog for more! Towards the end of the 19th century, large cities like New York were facing a vexing problem so devastating that many questioned whether such cities could be sustained at all. People could no longer cross the street without assistance, stumbling was a common problem, disease was spreading, and even those issues had nothing on the horrendous stench emanating from every corner. We are talking, of course, about horse manure.

Application security testing (AST), which are tools that automate the testing, analyzing, and reporting of security vulnerabilities, is an indispensable part of software development. In a modern DevOps framework where security is shifted left, AST should be thought of as compulsory. And this has never been more important when you consider that Forrester reports the most common external attack method continues to be application weaknesses and software vulnerabilities.

We recently partnered with Enterprise Strategy Group (ESG) to survey software development and security professionals about modern application development and how applications are tested for security. The soon-to-be-announced survey found that 53% of organizations provide security training for developers less than once a year, which is woefully inadequate for the rapid pace of change in software development.

The Federal Bureau of Investigations (FBI) released a flash alert in which it warned organizations about the dangers of Netwalker ransomware. On July 28, the FBI revealed in Flash Alert MI-000130-MW that it had received notifications of attacks involving Netwalker against U.S. and foreign government organizations along with entities operating in the healthcare and education sectors.

The pervasive impact of Internet of Things (IoT) devices on our lives is greater than that of traditional IT devices. There are several unknowns in IoT security, and it raises concerns for customers who are looking to incorporate IoT devices in their existing infrastructure. Fortunately, security by design can resolve some of the major root causes of the underlying vulnerabilities in these connected devices.

The COVID-19 Pandemic has enabled contactless payment volumes to increase quicker than previously projected. According to Juniper research, contactless payments will triple to $6 trillion worldwide by 2024, up from about $2 trillion in 2020, as the amount of mobile wallet transactions increase and banks expand the use of contactless cards.

In June 2020, a knife attack at a kindergarten in China injured 39 people, many of them children. The perpetrator was a security guard at the school. This was an insider attack and a horrific act that happens far too often across the world. While the majority of the cybersecurity industry is focused on securing data, the growing convergence of digital and physical security remains unhinged.

Just like how computers use trusted third parties and chains of trust to connect with one another, organizations use (admittedly much slower and more human powered) authoritative standards organizations (AICPA) and certified audit firms to create a trust system between organizations.

Vulnerabilities are weaknesses leveraged by adversaries to compromise the confidentiality, availability or integrity of a resource. The vulnerability ecosystem has matured considerably in the last few years. A significant amount of effort has been invested to capture, curate, taxonomize and communicate the vulnerabilities in terms of severity, impact and complexity of the associated exploit or attack.