In February 2023, LastPass, a leading password manager service, disclosed a security breach that reminded us just how severe SaaS breaches can be. The intrusion involved a targeted attack against a DevOps engineer accessing the corporate vault, underscoring the consequences of inadequate access controls and security practices.

DevSecOps Engineer Gene Gotimer explains why constant software dependency updates are crucial for security in DevSecOps practices.

Since starting my internship at Keeper Security, I’ve had the opportunity to enter into the world of cybersecurity, particularly surrounding the role of password management. This eye-opening experience has not only educated me on the dangers of an unprotected online presence, but it’s also encouraged me to follow cybersecurity best practices in my personal and academic life.

As more and more companies adopt low-code platforms and launch AI applications, the need for proper data security has never been greater. While it’s true that low-code platforms give users the freedom to develop powerful AI solutions with minimal programming knowledge or experience, this same level of flexibility also inadvertently exposes applications to potential data breaches.

APIs are essential for modern applications as they enable seamless communication and data exchange, serving as the foundation of these applications. However, their interconnected nature makes them vulnerable to various threats. The high volume of API calls - ranging from millions to billions every month - poses a challenge in distinguishing between genuine attacks and harmless irregularities.

AI has completely changed how we live, work and play. With its unparalleled efficiency, ongoing learning abilities and its detailed precision, it makes short work out of what used to be more complex and cumbersome tasks. Although AI systems are incredibly powerful and only growing in capacity and scale, they’re not without their challenges. Like other types of programs and infrastructures, AI is not immune to vulnerabilities and security issues.

Let’s talk technical debt. It’s that silent, creeping problem many of us have faced—those quick fixes and shortcuts we took to keep things running smoothly. They accumulate over time, leaving us with a tangled web of outdated systems and patchwork solutions. In cybersecurity, this isn’t just a minor annoyance—it’s a ticking time bomb. So, what’s technical debt consolidation?

Managed Cloud Security is an IT model that involves outsourcing the monitoring and security operations of cloud-based infrastructure to specialised third-party providers. This enables internal IT teams to concentrate on proactive initiatives rather than being bogged down by day-to-day security management, making it a strategic choice for organisations of all sizes. This approach integrates automation to enhance data breach protection, providing real-time threat alerts and ensuring regulatory compliance.

Generative AI (GenAI) is a top priority for organizations looking to increase productivity and solve business problems faster. In cloud security, AI chatbots to aid security practitioners are becoming more common, but to date, most of these solutions offer only basic queries and summarization. Diverse cloud environments and evolving threats require more from an AI security analyst.

Each July, my family and I take a road trip from Kentucky back to my hometown in northwestern Pennsylvania to spend time on Lake Erie. As tradition dictates, we stop along I-71 for coffee at a branch of a certain coffee shop, which also happens to be my former employer as a teen. (Let’s call it Siren Coffee.) This year, we sat waiting in the drive-thru for a drip coffee for a full 10 minutes.