DevOps
Detecting Iterator Invalidation with CodeQL
By Kevin Higgs, Montgomery Blair High School. Iterator invalidation is a common and subtle class of C++ bugs that often leads to exploitable vulnerabilities. During my Trail of Bits internship this summer, ...
PrivacyRaven Has Left the Nest
By Suha S. Hussain, Georgia Tech. If you work on deep learning systems, check out our new tool, PrivacyRaven—it’s a Python library that equips engineers and researchers with a comprehensive testing suite ...
How ZeroNorth is driving the DevSecOps revolution for the good of software, with new capabilities
Where software was once on the sidelines of organizational success, today it is front and center—with businesses under…
What the Building In Security Maturity Model (BSIMM) Says About the Role of SAST and SCA
The BSIMM is an annual study of the real-world software security initiatives – “SSIs” in the report – across the software industry, drawing from data and experience from 130 organizations. Rather than ...
Troy Hunt Flags Up ‘Sensational’ Sextortion Bug in Grindr
Grindr, the popular dating app, had a ridiculous bug in its password-recovery flow. To make matters worse, Grindr ignored the bug for a week ...
Let’s Celebrate by Bringing Security and DevOps Together!
If you connect it, protect it. According to National Cybersecurity Awareness Month (NCSAM), “If everyone does their…
Don’t Look Now but National Cybersecurity Awareness Month (NCSAM) is Here
This month marks the 17th anniversary of National Cybersecurity Awareness Month (NCSAM), a joint effort between industry,…
[Webinar Recap] Secure Multi-Cloud Environments: Intelligent Cloud Security Posture Management
We recap the important information security and risk management leaders need to know when it comes to Cloud Security Posture Management (CSPM).
Splunk Phantom Integration: Maximizing Automation for Incident Detection and Remediation
Automation is becoming more and more prevalent and sought after by Security Operations Centers (SOC). This is driven by the increasing cybersecurity skills gap, intensified by the volume of security data and ...
How to Measure Effectiveness of Your Security Operations with SOAR and Business Intelligence (+Video)
Rising above the daily firefighting to actually measure the effectiveness of your security operations is easier said than done. This,...
