Today, we’re thrilled to share that Salt has launched extended capabilities to our powerful platform, adding yet another industry-first technical advancement to our trophy case! (full announcement here.) Since its founding, Salt’s been on a mission to create a platform that can detect, prioritize and solve the most complex API security challenges and risks.

2023 was a tumultuous year that drove technology transformations at a pace unknown. The industry saw an accelerated and unrivaled pace of technology adoption, persistent yet evolving challenges and unparalleled market dynamics around the world. The following are the top three trends from last year that influenced my thinking as a CIO at the top of 2024.

XML-RPC is a powerful and versatile protocol in the ever-evolving web development and data communication landscape. XML-RPC, which stands for Extensible Markup Language – Remote Procedure Call, provides a standardized way for software applications to communicate over the Internet. XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the webserver context.

The core tenets of information security is to protect assets from unauthorized disclosure, prevent unauthorized changes, and to make them available as needed. These align with the CIA security triad of Confidentiality, Integrity, and Availability.

Wherever you are in your SASE or SSE journey, it can be helpful knowing what other CISOs are doing once they’ve implemented these platforms. Getting started with enhanced security is a lot easier than you might think. With Cato’s security services being delivered from a scalable cloud-native architecture at multiple global points of presence, the value is immediate. In this blog post, we bring the top three things you, as a CISO, can do with Cato.

AutoIt is a scripting language designed for automating the Windows GUI and general scripting. Over the years, it has been utilized for malicious purposes, including AutoIt-compiled malware, which dates back to as early as 2008. Malware creators have exploited the versatility of AutoIT in a variety of ways, such as using obfuscated scripts for payload decryption, utilizing legitimate tools like BaSupportVNC, and even creating worms capable of spreading through removable media and Windows shares.

The security posture of any organization is the result of comprehensive security strategies, processes and practices, which enable organizations to be resilient against evolving security threats. This article describes what we mean by “security posture”, including why it matters, and what comprises it. Importantly, we’ll also understand how to assess and improve the security posture.

GitLab has addressed two critical vulnerabilities in the GitLab Community Edition and Enterprise Edition that require immediate attention.

Spotting insider threats isn’t easy. There are a number of behavioral indicators that can help you see where a potential threat is coming from, but this is only half the battle. Efficient insider threat detection also requires comprehensive tools that allow you to monitor suspicious users’ sessions and track their activities. In this article, we describe what insider threat indicators are to help you spot potential malicious actors.

In the digital-first era, the internet is not simply a luxury; it's a fundamental part of our daily lives. From business growth to personal connections, its impact is profound. However, this interconnectedness comes with a price: the rise of cybercrime. Exploring the 2023 Global Cybercrime Report, we uncover which countries face the highest risk and how this pervasive issue affects us all, no matter where we connect from.