%term

CTI Roundup: Q1 Exploit Trends, HijackLoader, & the State of Pentesting

May 15, 2024 By Tanium In Tanium

Kaspersky reveals the top exploit and vulnerability trends for the first quarter of 2024, HijackLoader evolves with new evasion techniques, and Cobalt releases its 2024 State of Pentesting report.

Read Post

Tanium

Read more about CTI Roundup: Q1 Exploit Trends, HijackLoader, & the State of Pentesting

AppSec spring cleaning checklist

May 13, 2024 By Mariah Gresham In Snyk

Something about the springtime sunshine and blooming flowers inspires many of us to start cleaning. For some, it might be tackling the backyard shed that accumulated cobwebs over the winter or that overflowing junk drawer in the corner of the kitchen. As you survey your home and yard and decide where to start cleaning, it’s also a great time to look at your application security program and see if any of your existing processes need some tidying up. Here are a few great places to start.

Read Post

Snyk

Read more about AppSec spring cleaning checklist

The 443 Podcast - Episode 291 - Picking Secure Technologies

May 13, 2024 By WatchGuard In WatchGuard

This week on the podcast, we cover guidance from CISA and its international partners that guides organizations on the right questions to ask during the technology procurement process to make sure the products they buy are secure. Before that, we cover Microsoft's research into a common vulnerability impacting over 4 billion Android application installations followed by a discussion on the Tunnel Vision VPN vulnerability.

View Video

WatchGuard

Read more about The 443 Podcast - Episode 291 - Picking Secure Technologies

How to Watch for Changes in Node.js

May 12, 2024 By Snyk In Snyk

Watch the full video for more... About Snyk Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video

Snyk

Read more about How to Watch for Changes in Node.js

What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices

May 11, 2024 By Venkatesh Sundar In Indusface

Cross-Site Scripting (XSS) is a security vulnerability that allows an attacker to inject malicious code into a web page viewed by other users, usually in a script. When other users view the compromised page, the injected code can execute and steal sensitive information or perform malicious actions on their behalf. This attack typically targets web applications that allow user-generated content or input, such as message boards, comment sections, or search boxes.

Read Post

Indusface

Read more about What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices

What is Corepack in Node.js?

May 11, 2024 By Snyk In Snyk

Watch the full video for more... About Snyk Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video

Snyk

Read more about What is Corepack in Node.js?

How to Test in Node.js with the New Test Runner

May 10, 2024 By Snyk In Snyk

Watch the full video for more... About Snyk Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video

Snyk

Read more about How to Test in Node.js with the New Test Runner

The Top 5 Free Vulnerability Scanners of 2024

May 10, 2024 By Charlie Klein In Jit

Free vulnerability scanners are a great way to begin scanning your cloud applications and infrastructure for security issues, and proactively resolving vulnerabilities before attackers can find them. These tools can be implemented at every stage of the SDLC, from code planning to production, depending on your preferences and objectives. As a domain, vulnerability scanners cover use cases such as code scanning, dependency reviews, and secret detection.

Read Post

Jit

Read more about The Top 5 Free Vulnerability Scanners of 2024

Launching SwyftComply on AppTrana WAAP

May 10, 2024 By Indusface In Indusface

Overview: Periodic security audits and compliance requirements have been a major source of stress for IT and security leaders. Especially as they demand a clean, zero-vulnerability report every 6-12 months in highly regulated industries. That is a big challenge in the face of hundreds of open vulnerabilities and zero-days. With this in mind, we have launched, SwyftComply on AppTrana WAAP. With SwyftComply, you’ll be able to get a clean, zero-vulnerability report within 72 hours.

View Video

Indusface

Read more about Launching SwyftComply on AppTrana WAAP

Getting Test Coverage in Node.js

May 9, 2024 By Snyk In Snyk

Watch the full video for more... ⚒️ About Snyk ⚒️ Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video