Read also: A Scattered Spider member arrested in the UK, LockBit affiliates plead guilty, and more.

We made our WAF Machine Learning models 5.5x faster, reducing execution time by approximately 82%, from 1519 to 275 microseconds! Read on to find out how we achieved this remarkable improvement. WAF Attack Score is Cloudflare's machine learning (ML)-powered layer built on top of our Web Application Firewall (WAF). Its goal is to complement the WAF and detect attack bypasses that we haven't encountered before.

As modern enterprise IT environments become more complex, the need for robust cybersecurity measures continues to grow. Because of this expanding complexity, DevSecOps functions are more common, requiring the integration of security into the application development lifecycle. Application Security Posture Management (ASPM) solutions offer a unified framework for securing the diverse application environment and merging security into the application development process.

In this post, we explore a powerful, yet widely unknown attack vector which has emerged in the last couple of years known as ‘Repo Jacking’. During our research, we discovered the enormous potential to compromise software components with tens of millions of downloads across the Terraform IaC (Infrastructure as Code) and Composer (PHP package registry) ecosystems. Despite its power, Repo Jacking remains under-researched and frequently misunderstood.

The first known security incident involving a compromised device occurred during the Bronze Age, in present-day Turkey.

In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called Seccomp-BPF.

Cyberattackers are continuously seeking sophisticated new ways to crack passwords and get access to sensitive information such as personal user data, financial records, intellectual property, or corporate data. The stakes are high, and the challenge of keeping passwords secure has never been more critical. According to the 2024 Data Breach Investigations Report by Verizon, roughly 50% of data breaches involve stolen credentials, which highlights the need for robust password management practices.

Kubernetes stands at the forefront of the container orchestration revolution by becoming most people’s go-to container orchestration platform. While looking at all the features that Kubernetes brings into the picture, you may notice that the platform does not manage its own users.

According to Gartner, almost two-thirds of U.S. businesses were directly impacted by a software supply chain attack. So it’s not a question of whether to secure your software supply chain, but rather what is the most effective and efficient way to provide end-to-end security during all phases of the software development lifecycle (SDLC). Download the Ebook.

The continuous threat exposure management (CTEM) model offers tremendous benefits to any organization implementing it.