Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Cisco Squashes High-Severity Bug in Web Protection Solution
North Korean Hackers Use Fake Job Offers to Deliver New macOS Malware
Evasive 'DarkTortilla' Crypter Delivers RATs, Targeted Malware
SynSaber Raises $13 Million for OT Asset and Network Monitoring Solution
Russian Man Extradited to US for Laundering Ryuk Ransomware Money
long dotted

NEWS & INDUSTRY UPDATES

Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants
In testimony before the the US House Intelligence Committee, security pros at Google and Citizen Lab make fresh calls for a wholesale clampdown on problematic commercial spyware vendors. [Read More]
Microsoft Catches Austrian Company Exploiting Windows, Adobe Zero-Days
Redmond's security research teams intercept multiple zero-day attacks attributed to DSIRF, a private cyber mercenary firm operating out of Austria. [Read More]
European Lawmaker Targeted With Cytrox Predator Surveillance Spyware
Reports say a Greek lawmaker in the European Parliament was targeted with malicious links trying to plant the Predator spyware program. [Read More]
PrestaShop Confirms Zero Day Attacks Hitting eCommerce Servers
A major security vulnerability in the open source PrestaShop software is being exploited in the wild and approximately 300,000 merchant shops are at risk. [Read More]
SonicWall Warns of Critical GMS SQL Injection Vulnerability
SonicWall ships urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the defect exposes businesses to remote hacker attacks. [Read More]
Intezer Documents Powerful 'Lightning Framework' Linux Malware
Researchers at Intezer are documenting the intricacies of Lightning Framework, an undetected Swiss Army Knife-like Linux malware capable of installing rootkits. [Read More]
Understanding the Evolution of Cybercrime to Predict its Future
A study of the evolution of cybercrime suggests the threat will only get worse as financially motivated malware gangs start to mimic the operations of legitimate businesses. [Read More]
Anvilogic Scores $25 Million Series B to Tackle SOC Modernization
Silicon Valley SOC startup Anvilogic has deposited $25 million in a new investment round led by Outpost Ventures. [Read More]
Apple Ships Urgent Security Patches for macOS, iOS
Apple's security response team has pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS and iPadOS platforms. [Read More]
Push Security Banks $4 Million Seed Funding
British startup Push Security has banked $4 million in early-stage funding to help secure SaaS app deployments. [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Ashley Arbuckle's picture
Why Every Organization Needs to Rethink Workload Protection
Ashley Arbuckle - Application Security
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.
Read full story
Preston Hogue's picture
Shifting to DevSecOps Is as Much About Culture as Technology and Methodology
Preston Hogue - Application Security
This move to container-based development and agile methodologies has been great for innovation and iteration, but it’s also brought a massive shift in the application landscape with real impact on security teams.
Read full story
Ashley Arbuckle's picture
5 Questions to Help Chart Your Course to Zero Trust Security
Ashley Arbuckle - Network Security
As organizations digitize their business and make these shifts, they need to know what and who they can trust.
Read full story
Laurence Pitt's picture
When Good Apps Go Bad: Protecting Your Data Through App Permissions
Laurence Pitt - Mobile Security
By paying just a bit more attention to the permissions you are allowing on your phone or computer, you could protect yourself from a much more significant headache down the road.
Read full story
Travis Greene's picture
Privacy Protection Means Encryption at the Application Layer
Travis Greene - Privacy
While GDPR doesn’t require encryption, there are four mentions of encryption in GDPR that provide real incentives for organizations to use encryption.
Read full story
Alastair Paterson's picture
Four Ways to Mitigate Cyber Risks for ERP Applications
Alastair Paterson - Application Security
A confluence of factors is putting hundreds of thousands of implementations of Enterprise Resource Planning (ERP) applications at risk of cyber attacks.
Read full story
Jim Ivers's picture
Why do the Vast Majority of Applications Still Not Undergo Security Testing?
Jim Ivers - Application Security
Applications contain three specific components where vulnerabilities can be found, and each must be tested in a different way for security testing to be complete.
Read full story
Dan Cornell's picture
What Sort of Testing Do My Applications Need?
Dan Cornell - Application Security
As you start to get an idea of what your application portfolio looks like, you then need to start determining the specific risks that applications can expose your organization to.
Read full story
Alan Cohen's picture
The Truth About Micro-Segmentation (Part 2)
Alan Cohen - Application Security
From a security perspective, to create understand application dependencies you need not only to understand the flows and servers, you need to understand the ports and underlying processes.
Read full story
Preston Hogue's picture
From Monolithic to Modular: Agile App Security in the DevOps Era
Preston Hogue - Application Security
Today an organization may have thousands of apps on the internet, but having thousands of monolithic security devices just isn’t practical.
Read full story