Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

PCI DSS is a set of requirements that is applied to every small and large organization that accepts, stores, processes, or transmits cardholder data. In particular, PCI DSS for SaaS companies is essential, as these platforms frequently handle sensitive customer information and must adhere to the latest security standards. In 2024, the updated version of PCI DSS 3.2.1, PCI DSS v4.0, became mandatory after being officially released on March 31, 2022, allowing organizations a transition period.

You may be relieved to know that more and more companies are offering ways to log in to our accounts or save our credentials without having to remember hundreds of passwords. The benefit for us is that we can easily log in to our accounts without resetting forgotten passwords, and our accounts are more secure than ever with more advanced ways to access them. One way we can access our accounts securely is face ID, but many people are concerned about this new technology. Is face ID safe? Is it secure?

There’s no doubt that API security is a hot topic these days. The continued growth in API-related breaches and increase in publicized API vulnerabilities has pushed API security to the top of CISO’s lists. The tools in the market for API security still have room for improvement, of course. One of the challenges security practitioners face with APIs is understanding the context in which an attack took place.

How often are you surprised by a threat or vulnerability from a software asset you never knew existed? For many companies, the answer is, “More often than we’d like.” This is because you can’t protect what you can’t see. Full visibility across the entire software supply chain is a must for AppSec teams, but this comprehensive view across the attack surface can be elusive.

Today, we announced the exciting news that Snyk has acquired Probely, a fast-growing modern provider of API Security Testing and Dynamic Application Security Testing (DAST). With this addition, Snyk now offers a full range of development and application security solutions, with customers immediately benefiting from a broader range of developer friendly testing techniques.

Elastic Security 8.16 is now available, advancing our mission to streamline security workflows with enhanced data accessibility and AI-driven analytics. Key updates include agentless onboarding for faster cloud security posture management (CSPM) and asset discovery; expanded integrations with Wiz, AWS Security Hub, and Falco for contextualized threat detection; custom knowledge sources for Elastic AI Assistant; and improved support for locally hosted large language models (LLMs).

Security service edge (SSE) is an infrastructure modernization project CIOs, Infrastructure and Operations (I&O), and Networking leaders should have firmly on their radar. A new study from Forrester Consulting assesses the potential business value and benefits of Netskope One SSE. The research discovered that all of the top three benefits (which combine to account for 63.5% of the total economic impact of Netskope One SSE) related to network, infrastructure and operations.

The cybersecurity landscape is sadly brimming with tools that address narrow, specific problems, leading to a phenomenon known as “Point Solutions.” While these tools can offer precise capabilities, they have significant drawbacks in the modern, cloud-native world. A glut of isolated tools contributes to operational complexity, wasted resources, and missed opportunities for cohesive, unified defense strategies.

Here at 1Password, we’re on a mission to help businesses of all sizes secure every sign-in for every app. To achieve that goal, it’s important that our solutions integrate with and elevate organizations’ existing infrastructure.

This January, the EU’s Digital Operational Resilience Act (DORA) will come into force, along with a number of other EU crypto regulations, and it is poised to usher in a new era for technology providers – in both the traditional and digital asset markets. Fireblocks is ready for this transition, and we’ve been helping our clients prepare for the new digital asset regulations in recent months as the deadlines approach.