Vulnerability

A developer's best friend: Lessons learned from our canine companions about AI code security

Aug 26, 2024 By Krysta Williams-Timm In Snyk

Happy International Dog Day! This official holiday celebrates our furry friends and the joy they bring to our lives! Today is particularly special for all of us at Snyk because of our four-legged mascot, Patch the Doberman. But what exactly does a dog have to do with application security? Here at Snyk, we see the idea of a “guard dog” protecting someone’s home as similar to how AppSec solutions can protect today’s development practices.

Read Post

Snyk

Read more about A developer's best friend: Lessons learned from our canine companions about AI code security

How AI Almost Got Me FIRED: Part 3

Aug 26, 2024 By Snyk In Snyk

How many jobs has AI lost me now?...Joking! In this video we show you the AI coding tool Cody, and how to use Gemini Pro 1.5 and Mixtral alongside it. We also show how to spot and fix any vulnerabilities that get generated.

View Video

Snyk

Read more about How AI Almost Got Me FIRED: Part 3

The Hidden Risks of Internet of Bodies (IoB): Cybersecurity in Healthcare Devices

Aug 26, 2024 By Nahla Davies In LevelBlue

The Internet of Bodies, or IoB, represents a groundbreaking shift in the healthcare industry, connecting vital health management devices like pacemakers, insulin pumps, and health monitors to the Internet. While these advancements come with many remarkable benefits, they also expose these essential devices to new cybersecurity vulnerabilities.

Read Post

LevelBlue

Read more about The Hidden Risks of Internet of Bodies (IoB): Cybersecurity in Healthcare Devices

Navigating the AI-powered development era in financial services

Aug 26, 2024 By Lawrence Crowther In Snyk

Australian and New Zealand financial service institutions (FSIs) are facing pressure to innovate quickly while maintaining robust security and regulatory compliance. Many, like ANZ Bank and Commonwealth Bank, are exploring Generative AI to accelerate software development, but is it a silver bullet?

Read Post

Snyk

Read more about Navigating the AI-powered development era in financial services

Seemplicity's Remediation Operations Platform | Product Explainer

Aug 25, 2024 By Seemplicity In Seemplicity

Discover Seemplicity Remediation Operations (RemOps) Platform. See how Seemplicity's AI-powered platform streamlines exposure management, integrates with existing tools, and automates AI-powered tailored remediation plans. Learn how our platform helps your security and development teams collaborate effectively, rapidly address vulnerabilities, and enhance compliance, productivity, and overall security posture. Reduce risks across multiple domains and stay ahead in today's evolving threat landscape with Seemplicity's RemOps Platform.

View Video

Seemplicity

Read more about Seemplicity's Remediation Operations Platform | Product Explainer

AI Generate Code with NoSQL Injection

Aug 25, 2024 By Snyk In Snyk

Watch the full video for more...

View Video

Snyk

Read more about AI Generate Code with NoSQL Injection

Google Fixes Actively Exploited Chrome Vulnerability

Aug 23, 2024 By Foresiet In Foresiet

Google has recently released an urgent security update to fix a high-severity vulnerability in its Chrome browser. This flaw, identified as CVE-2024-7971, has been actively exploited by attackers, posing a significant risk to users. The vulnerability, rooted in the V8 JavaScript and WebAssembly engine, could allow remote attackers to execute harmful code via specially crafted web pages. As cyber threats continue to evolve, it is crucial for users to stay informed and ensure their browsers are up to date.

Read Post

Foresiet

Read more about Google Fixes Actively Exploited Chrome Vulnerability

Elevate Your Security Strategy with Effective Vulnerability Prioritization

Aug 23, 2024 By Kevin Swan In Seemplicity

Vulnerability prioritization is essential for organizations to efficiently allocate resources, reduce risk, and protect critical assets. However, with an increasing number of vulnerability scanning tools in use, security teams face a growing backlog of findings. This overwhelming volume of data can lead to analysis paralysis, where critical vulnerabilities remain unaddressed while minor issues consume valuable time and resources.

Read Post

Seemplicity

Read more about Elevate Your Security Strategy with Effective Vulnerability Prioritization

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Aug 22, 2024 By Andres Ramos In Arctic Wolf

On August 21, 2024, SolarWinds released a second hotfix for SolarWinds Web Help Desk (WHD) version 12.8.3. This hotfix addresses a newly disclosed hardcoded credential vulnerability (CVE-2024-28987) that allows a remote, unauthenticated attacker to access internal functionality and modify data. Additionally, the hotfix resolves the Java deserialization remote code execution (RCE) vulnerability (CVE-2024-28986) disclosed the previous week and fixes functionality issues introduced by the first hotfix.

Read Post

Arctic Wolf

Read more about CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Three trends shaping software supply chain security today

Aug 22, 2024 By Erin Cullen In Snyk

Building software continues to look like an assembly line, with developers pulling resources from across the web to create applications. Although third-party resources have played an essential role in developing software for many years, the way that development teams use these external components looks different today.

Read Post