In our recent webinar recent webinar title 'A CISO’s Checklist for Securing APIs and Applications', we delved into the concept of creating an API security playground tailored for both developer and security teams. The core idea revolves around utilizing intentionally vulnerable APIs as training tools. In this blog post, we'll present a curated list of such APIs, each with its own unique set of characteristics.

In the first part of this blog series, we discussed the primary data security challenges identified as most significant for c-suite respondents from our executive research. In the ever-changing landscape of modern business, harnessing the full potential of data has become imperative for enterprises aiming to future-proof their operations. However, to truly unlock this potential, organisations must critically assess their approach to data security across three vital areas.

With any IT environment, especially the public cloud, security is a top concern and priority. When leveraging the public cloud, one of the most important steps to ensuring a protected environment is recognizing the shared responsibility model, as it delineates the security obligations between the cloud provider and your organization.

In today's rapidly evolving digital landscape, organizations face the critical challenge of maintaining robust data security while ensuring seamless access and collaboration. As businesses become increasingly digitized, the volume of sensitive and confidential information shared across departments, with suppliers and partners, has skyrocketed. This digital transformation brings numerous benefits but also heightens the risk of data loss, leakage, and unauthorized exposure.

Let’s start with statistics: continuous integration, deployment, and delivery is among the top IT investment priorities in 2023 and 2024. To be exact, according to GitLab’s 2024 Global DevSecOps report, it is on the 8th place (and security is the top priority!). However, it shouldn’t be surprising, as CI/CD practice brings a lot of benefits to IT teams – it helps to accelerate software delivery and detect vulnerabilities and bugs earlier.

Vanta was founded on a mission to secure the internet and protect consumer data. We got our start in 2018 by automating compliance with information security frameworks like SOC 2, making it faster and easier for companies to demonstrate their security and unblock revenue.

Artificial intelligence (AI) has emerged as a promising solution to modernize power grids. The technology, alongside other upgrades like Internet of Things (IoT) connectivity, could make energy infrastructure more reliable and sustainable. However, AI power grids also pose significant cybersecurity risks. Attacks against critical infrastructure are becoming more common. As energy authorities ramp up their investments in AI, they should pay attention to these risks to enable a safer tech transformation.

Cybersecurity threats cast an ominous shadow over organizations across all sectors. While the world often associates these risks with profit-driven businesses, non-profit organizations are equally vulnerable targets. And the stakes are alarmingly high. Recent data shows that about 6 cyber-attacks happen every 4 minutes and attacks like the 2022 one on the International Committee of the Red Cross (ICRC) send shivers across non-profits.

On July 23, 2024, CrowdStrike Intelligence identified the phishing domain crowdstrike-office365com, which impersonates CrowdStrike and delivers malicious ZIP and RAR files containing a Microsoft Installer (MSI) loader. The loader ultimately executes Lumma Stealer packed with CypherIt.