Technology

Have you accounted for AI risk in your risk management framework

Dec 11, 2023 By Bindu Sundaresan In AT&T Cybersecurity

Artificial intelligence (AI) is poised to significantly influence various facets of society, spanning healthcare, transportation, finance, and national security. Industry practitioners and citizens overall are actively considering and discussing the myriad ways AI could be employed or should be applied.

Read Post

AT&T Cybersecurity

Read more about Have you accounted for AI risk in your risk management framework

How Self-Learning AI Has Helped CARIAD Build An Automotive Software Powerhouse

Dec 11, 2023 By Code Intelligence In Code Intelligence

CARIAD has been building one unified software platform for all Volkswagen brands to provide them with reliable software and digital best practices. In recent years, CARIAD and the rest of the automotive software sector faced extensive industry regulation and an array of dangerous and costly vulnerabilities. By introducing feedback-based fuzzing, an advanced white-box testing method that uses self-learning AI to uncover deeply hidden bugs and security vulnerabilities, CARIAD was able to find and fix potentially dangerous issues early in the development process.

View Video

Code Intelligence

Read more about How Self-Learning AI Has Helped CARIAD Build An Automotive Software Powerhouse

Kubescape: the 1st open-source project to support VEX Generation

Dec 11, 2023 By ARMO In ARMO

Guest post originally published on Kubescape’s blog by Oshrat Nir, Developer Advocate at ARMO and a Kubescape contributer.

Read Post

ARMO

Read more about Kubescape: the 1st open-source project to support VEX Generation

5 Strategies for Successful Workload and Data Migration to the Cloud

Dec 10, 2023 By RiskOptics In RiskOptics

According to the Flexera 2021 State of the Cloud Report, the cloud has already become “mainstream,” with organizations in almost every industry migrating into it in increasing numbers. Cloud migration refers to moving an organization’s digital assets from legacy, “on-premise” (on-prem) infrastructure to the cloud. That would include IT assets such as: Soon, 59 percent of organizations plan to focus on cloud migration.

Read Post

RiskOptics

Read more about 5 Strategies for Successful Workload and Data Migration to the Cloud

Leveraging OpenAPI as a Core Element of API and Application Security

Dec 8, 2023 By Robert Dickinson In Graylog

An application’s attack surface is the sum of all the areas of an application which could be attacked by malicious attackers. This includes the application’s APIs, the underlying code, supporting infrastructure, and any other components which could be compromised. The goal for any organization is to reduce the attack surface area by discovering and minimizing potential vulnerabilities.

Read Post

Graylog

Read more about Leveraging OpenAPI as a Core Element of API and Application Security

Maximizing Efficiency: The Significance of TDM for Sensitive Data

Dec 7, 2023 By SecuritySenses In SecuritySenses

Organizations dealing with sensitive information must prioritize Test Data Management, a critical practice in the era of data-driven operations. The importance of precision in handling sensitive data cannot be overstated. This article explores the key reasons why utilizing Test Data Management (TDM) for sensitive data is not just beneficial but imperative for ensuring smooth operations and minimizing risks.

Read Post

SecuritySenses

Read more about Maximizing Efficiency: The Significance of TDM for Sensitive Data

Code Signing with Azure Key Vault: Create a Key Vault, Generate CSR and Import Certificate

Dec 7, 2023 By SignMyCode In SignMyCode

In today’s digital landscape, where data security is paramount, protecting your private keys, generating certificates, and managing secure connections is crucial. Microsoft Azure KeyVault offers a robust and reliable solution for handling these critical security aspects. Follow the Video to Manage your Keys and Code Signing Certificates on Microsoft Azure KeyVault. You can Buy Code Signing Certificates for Azure Key Vault to Digitally Sign your Executables and Packages.

View Video

SignMyCode

Read more about Code Signing with Azure Key Vault: Create a Key Vault, Generate CSR and Import Certificate

Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions

Dec 7, 2023 By Guest Expert In GitGuardian

In code security, not everything is "shift left." Dynamic testing is as important to help developers build and ship secure applications on the right-hand side of the SDLC. Let's explore the benefits, pitfalls, and popular open-source DAST tools in this blog post from the Escape team.

Read Post

GitGuardian

Read more about Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions

Connect Using EC2 Instance Connect via Teleport

Dec 6, 2023 By Marco Dinis In Teleport

Amazon EC2 is the most popular cloud computing environment and powers a great part of the Internet. Accessing EC2 Instances is done using SSH, which typically involves generating and managing SSH Keys. This is not easy when you have a large fleet/team.

Read Post

Teleport

Read more about Connect Using EC2 Instance Connect via Teleport

AI Reality Check: Navigating High False Positives Today | Proceed with Caution | Razorthorn Security

Dec 6, 2023 By Razorthorn In Razorthorn

In this eye-opening video, we dive deep into the current state of AI, shedding light on a significant challenge it grapples with - a high false positive rate. While optimism is warranted for the future, I candidly express my belief that we are still a number of years away from achieving true production readiness.

View Video