Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

NEWS ANALYSIS: Armorblox raises $30 million and joins a growing list of well-heeled startups taking a stab addressing one of cybersecurity’s most difficult problems: keeping malicious hackers out of corporate mailboxes. [Read More]
Full-time Linux kernel maintainers Gustavo Silva and Nathan Chancellor to focus on improving security. [Read More]
NEWS ANALYSIS: CrowdStrike said it will shell out a whopping $400 million to snap up a Splunk competitor and present itself as the security data lake for enterprise customers. We look at how the move affects the EDR, xDR and SIEM categories. [Read More]
Apple has published an updated Platform Security Guide, providing detailed technical explanations on the security features and technology implemented in its products. [Read More]
Code security firm Spectral emerges from stealth mode with $6.2 million in seed funding. [Read More]
Enterprise cybersecurity powerhouse Palo Alto spends $156 million to acquire an early-stage DevOps security startup. [Read More]
France's national cybersecurity agency is publicly blaming the Sandworm APT group for a string of long-term intrusions at European software and web hosting organizations. [Read More]
Forescout researchers warn that improperly generated ISNs (Initial Sequence Numbers) leave TCP connections exposed to malicious hacker attacks. [Read More]
Microsoft drops a mega patch batch for February: 56 documented vulnerabilities, 11 rated critical, one under active attack. [Read More]
Endpoint security firm SentinelOne expects the $155 million deal to buy Scalyr will speed up its push into the lucrative XDR (Extended Detection and Response) market. [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Gunter Ollmann's picture
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
Gunter Ollmann's picture
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
Preston Hogue's picture
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Preston Hogue's picture
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Preston Hogue's picture
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Preston Hogue's picture
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
Preston Hogue's picture
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
Preston Hogue's picture
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
Preston Hogue's picture
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
Ashley Arbuckle's picture
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.