Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Imagine all your online activity being put out in the open—as private as a billboard in Times Square. Before SSL, your private internet information was vulnerable to exposure. However, with the advent of SSL, encryption became part of how the data was transferred between web browsers and servers, ensuring privacy and security. SSL transforms regular HTTP into the more secure HTTPS, safeguarding your online activities.

Explore Our Latest Insights on Artificial Intelligence (AI). Learn More.

Product Name: Dynamic Dashboard Vulnerability: Stored XSS Vulnerable Version: >= 3.0.0, < 3.0.1 CVE: CVE-2024-47817 On October 5, 2024, the security researchers from Astra discovered a severe Stored Cross-Site Scripting vulnerability in Dynamic Dashboard’s paragraph widget. The widget, used for text and markdown, has inadequate input sanitization allowing attackers to inject malicious code.

Product Name: Dynamic Dashboard Vulnerability: Stored XSS Vulnerable Version: >= 3.0.0, < 3.0.1 CVE: CVE-2024-47817 Astra Security researchers identified a vulnerability in LocalAI, an Open-Source OpenAI alternative. The vulnerability, CVE-2024-9900, is a stored Cross-Site Scripting issue affecting the LocalAI v2.21.1 prompts, which allow malicious scripts and payloads to be input.

With DevSecOps, cybersecurity has become integrated into every phase of the software development lifecycle (SDLC). DevSecOps tools work across development, security, and operations siloes and enable these teams to work collaboratively, ensuring security vulnerabilities are addressed early and efficiently, reducing risks before they reach production.

Cloud security operates on a different paradigm compared to traditional IT security. For example, it involves multiple contextual layers such as cloud services, containers and Kubernetes that require specialized insights. The challenge is even harder when the organization is affected by compliance requirements, and is compounded by the sheer volume of data that becomes a major concern for any organization. Failing to effectively manage it leads to costly inefficiencies and risks.

We’re excited to announce our status as a launch partner for Wiz Defend. The new solution from Wiz draws upon the power of Wiz Integration Network (WIN) partners to better detect and respond to cloud threats in real time. We were selected as a launch partner due to our leading workflow orchestration and automation capabilities, which seamlessly connect with Wiz Defend to empower customers and their SOC/Incident Response teams.

Cursor AI has quickly become the hot AI code editor, rapidly gaining popularity with developers looking to write code faster and more efficiently. But while Cursor accelerates coding, how can devs trust that Gen AI code is secure?

Shadow IT refers to the use of information technology systems, devices, software, applications, and services without explicit approval from an organisation's IT department. While it sounds sinister, and has certain implications, it is not always done maliciously or with the intent of breaching security. It encompasses a wide range of digital activities where employees leverage unapproved tools to be more productive or achieve specific goals.