DevOps
Beware of Expired or Compromised Code Signing Certificates
Given the alarming rise in software supply chain attacks and consumers growing more cyber-aware and security-conscious, software providers need to demonstrate a stronger commitment to securing their software and applications and fostering ...
Exposed Hugging Face APIs Opened AI Models to Cyberattacks
Security flaws found in both Hugging Face and GitHub repositories exposed almost 1,700 API tokens, opening up AI developers to supply chain and other attacks and putting a brighter spotlight on the ...
What Are AWS Service Control Policies (SCP)? A Complete Guide
The cloud is all about innovation at a speed never before possible. This can often lead to rapid development sprints and a proliferation of identities and infrastructure – and with that, excessive ...
DevSecOps: A beginner’s guide
Creating software can be at equal times challenging and rewarding. Developers face the unrelenting demand to deliver feature-rich applications and value to their users and customers. Open source components, which comprise up ...
Application Security Trends & Challenges with Tanya Janca
In this episode, noteworthy guest Tanya Janca returns to discuss her recent ventures and her vision for the future of Application Security. She reflects on the significant changes she has observed since ...
How to Build a Phishing Playbook Part 1: Preparation
Automating response to phishing attacks remains one of the core use-cases of SOAR platforms. In 2022, the Anti-Phishing Working Group (APWG) logged ~4.7 million phishing attacks. Since 2019, the number of phishing ...
TikTok Ban Banned — Montana Loses in US Court
For you plague, still: States can’t just ban apps, says federal judge ...
Customer Spotlight: Best Practices from Cimpress on Implementing JIT Access at Scale
Explore how global company Cimpress is implementing Just-in-Time (JIT) Access at scale to enhance efficiency and security in their tech infrastructure. Conor Mancone, Principal Application Security Engineer at Cimpress, shares insights on ...
VirusTotal: Generative AI is Great at Detecting, Identifying Malware
Generative AI engines similar to OpenAI’s ChatGPT and Google’s Bard will become indispensable tools for enterprises and cybersecurity operations in detecting and analyzing malicious code in a real-world environment, according to researchers ...
Your end of year security awareness checklist
The post Your end of year security awareness checklist appeared first on Click Armor ...