%term

Graylog API Security Intro Demo

Jul 19, 2023 By Graylog In Graylog

Discover and Improve Your API Security with Graylog! In this quick demo, Rob from Resurface now Graylog, showcases how Graylog helps you understand and manage your API attack surface. From identifying Rogue, prohibited, and deprecated APIs to automatically discovering and summarizing common types of attacks and failures, Graylog streamlines API security. No technical expertise needed – the system categorizes API calls into meaningful buckets, providing detailed views, including full request and response details. Easily create custom signatures, export data, and receive alerts with Graylog's comprehensive API security solution.

View Video

Graylog

API
Security

Read more about Graylog API Security Intro Demo

Choosing the Right Managed Application Security Provider: A Guide

Jul 19, 2023 By Komodo Research In Komodo Consulting

Imagine, if you will, that you are the esteemed ruler of a vast digital dominion, and your applications are the lifeblood of your realm. Yet, in the boundless expanse of cyberspace, there lurk dragons of the most fearsome kind—cyber threats, data breaches, and hackers. You require a champion, a Managed Application Security Provider (MASP), to safeguard your kingdom. But how, pray tell, does one select the right one?

Read Post

Komodo Consulting

Read more about Choosing the Right Managed Application Security Provider: A Guide

Insider Risk: How to Keep Your Data Safe in a Hybrid Working World

Jul 18, 2023 By Veriato In Veriato

In this webinar, a panel of experts will discuss the cost of insider threats to their businesses and their challenges in mitigating the risk with a hybrid workforce.

View Video

Veriato

Read more about Insider Risk: How to Keep Your Data Safe in a Hybrid Working World

Implementing workload-centric Web Application Firewall (WAF) using Calico

Jul 18, 2023 By Faisal Naseem In Tigera

Microservices security is a growing concern for businesses in the face of increasing cyber threats. With application layer attacks being a leading cause of breaches, it’s more important than ever to safeguard the HTTP-based communication between microservices within a Kubernetes cluster. Traditional web application firewalls (WAFs) are not designed to address this specific challenge, but Calico WAF offers a unique solution.

Read Post

Tigera

Read more about Implementing workload-centric Web Application Firewall (WAF) using Calico

Does PCI DSS v4.0 Require a Pen Test?

Jul 18, 2023 By Outpost 24 In Outpost 24

PCI version 4.0 was released in March 2022, and all organizations that must be compliant with the regulation have a deadline of March 31, 2024 to do so. So, what does the new version say about pen testing? According to Requirement 11 of the Payment Card Industry Data Security Standard (PCI DSS), pen testing is required for organizations and entities that store, process, and/or transmit cardholder data.

Read Post

Outpost 24

Read more about Does PCI DSS v4.0 Require a Pen Test?

You're Not Hallucinating: AI-Assisted Cyberattacks Are Coming to Healthcare, Too

Jul 18, 2023 By Daniel dos Santos In Forescout

We recently published a blog post detailing how threat actors could leverage AI tools such as ChatGPT to assist in attacks targeting operational technology (OT) and unmanaged devices. In this blog post, we highlight why healthcare organizations should be particularly worried about this.

Read Post

Forescout

Read more about You're Not Hallucinating: AI-Assisted Cyberattacks Are Coming to Healthcare, Too

Preparing for TSA Cybersecurity Compliance with Identity Security

Jul 18, 2023 By Jay Willoughby In CyberArk

The aviation industry relies on a complex web of players and digital systems to fly passengers safely around the world. Billions of data points flow across this vast interconnected ecosystem – from cloud-based ticketing apps and customer experience portals, to third-party vendors and technology systems, to airport ground operations and in-flight aircraft.

Read Post

CyberArk

Read more about Preparing for TSA Cybersecurity Compliance with Identity Security

Best practices for effective attack surface analysis

Jul 18, 2023 By Snyk In Snyk

An application’s attack surface is the sum of points where it might be vulnerable to bad actors. It consists of all the paths in and out of the application. Identifying vulnerabilities is vital to mitigating threats because any access point is a potential entry point for an attack. An attack surface analysis, which is critical to this mitigation strategy, is the process of identifying and assessing the potential vulnerabilities and risks in a software system or network.

Read Post

Snyk

Read more about Best practices for effective attack surface analysis

Swift deserialization security primer

Jul 18, 2023 By Vandana Verma Sehgal In Snyk

Deserialization is the process of converting data from a serialized format, such as JSON or binary, back into its original form. Swift provides multiple protocols allowing users to convert objects and values to and from property lists, JSON, and other flat binary representations. Deserialization can also introduce unsuspecting security vulnerabilities in a user’s codebase that attackers could exploit.

Read Post