Organizations have seen a dramatic shift towards digital transformation in recent years, driven in part by the COVID-19 pandemic and the work from home phenomenon.  Part of that transformation included a shift to an increased use of applications in and across the cloud.  Applications store, process and exchange sensitive data ... Read More

One of the most common issues with security testing of applications is being inundated with vulnerability reports, containing too many vulnerabilities for a typical development team to handle.  This includes reports from testing tools like SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing). The problem isn't just ... Read More

A recent article in Reportdoor.com started with these words, "Every Company is Now a Software Company."  With COVID still causing disruption for every organization, this has truly become a truth for every enterprise.  The article focused specifically on the state of web application security, and a report created by Cyentia ... Read More

A new ESG report found that nearly half of all cybersecurity alerts are false positives, and 75% of companies spend an equal amount of time, or more, on them than on actual attacks. Read on to find out how to get proof of exploitability on reported attacks. The post 75% ... Read More

A new article in TechTimes is highlighting the results of a study on the web application security for Insurers in Europe.  The study found that the web applications of major insurance companies in Europe contain security weaknesses.  The study looked at the web applications of Europe's top 10 insurance providers, ... Read More

InfoSecurity Magazine recently reported that the volume of compromised records globally has increased on average by 224% each year since 2017.  The astounding gain by cyber criminals is a good reminder for any organization to review their security practices for all their internet facing properties and the security of their ... Read More

Many organizations are moving to a CI/CD (Continuous Integration/Continuous Delivery) architecture in the engineering organizations. While this sounds great, it's also caused issues in trying to secure applications in production. RASP (Runtime Application Self-Protection) solves the security problems.  The post How RASP solves the CI/CD Application Security Problem appeared first on ... Read More

In case you missed it, the President of the United States of America, Joe Biden, issued a new executive order in May of 2021, aimed at improving the nation's cyber security. With increase in threats and almost daily stories of new companies being the subject of ransomware and data breaches, ... Read More

A new article in Dark Reading discusses the "4 Ways CISOs Can Strengthen Their Security Resilience." The article caught my attention because one of the 4 areas was to "Secure Workloads and Kubernetes Environments." I was surprised by the inclusion of this requirement not because it isn't important, but because it ... Read More

Forbes Magazine recently ran an article titled "If Your Cloud Security Is Static, You May Miss Indicators of Attack."  The premise of the article, that organizations are using outdated tools to address a growing and quickly changing part of their application infrastructure, namely the cloud. The post If Your Cloud Security ... Read More