Application Security

Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082

On September 29, Microsoft security researchers announced two new zero-day vulnerabilities, CVE-2022-41040 and CVE-2022-41082, affecting Microsoft Exchange Server. The vulnerabilities allow remote code execution (RCE) when used in tandem. It is important ...

How cybersecurity frameworks apply to web application security

Cybersecurity frameworks are formalized sets of guidelines for defining cybersecurity policies. This post explains why they are so useful and how you can use the most popular NIST framework when building your ...

Secure Software Factory: Protecting Your Supply Chain

Software supply chains are vital, especially in the modern economy where businesses must compete against each other to ensure continuous delivery for end users and clients. Without a secure and efficient software ...
Security Boulevard

Defend from within | Intrusion suppression with runtime protection, continuous monitoring & application security | Contrast Security

The enemy is at the gates. The enemy is inside our computer networks. The enemy is within our very code, training its sights on the technology that runs the world. ...

How Scanning Your Projects for Security Issues Can Lead to Remote Code Execution

The Imperva Red Team recently discovered and disclosed CVE-2022-40764, a command injection vulnerability affecting Snyk CLI. Snyk is a security company best known for its dependency vulnerability management software. The disclosed command ...

White House Releases Software Supply Chain Security Guidance

The White House published a memo requiring agencies to comply with guidance from the Office of Management and Budget (OMB), which aims to improve software supply chain integrity and security. Signed by OMB Director ...
Security Boulevard

Personal App Use on the Rise – And So Are Cloud Security Risks

Shadow IT and BYOD are not new problems, but the pandemic highlighted just how much workers rely on cloud applications to increase their productivity. The use of personal apps on the corporate ...
Security Boulevard

Mobile Application Penetration Testing

Community Healthcare Provider Gains Added PHI Security, Improved Vulnerability Management on a Limited Budget. The post Mobile Application Penetration Testing appeared first on Digital Defense ...

The Evolution of Vulnerability Scanning and Pentesting

An awareness of unprotected vulnerabilities and risks is the starting point for determining the best way to align resources with cybersecurity. By conducting regular real-world attack testing, security operations can illuminate weaknesses ...
Security Boulevard

API Security Incidents Rise, Despite Confidence in Protection

Organizations are battling a rising number of targeted attacks on application programming interfaces (APIs), and while confidence in API protection is high, the onslaught of attacks indicates a disconnect between adequate protection ...
Security Boulevard