Hot Topics

Cybersecurity

Balbix Guide to XZ Utils Backdoor

| | asset inventory, CAASM, cyber resilience, Cybersecurity Risk Management, Vulnerability Management
Executive Summary On March 29, 2024, developer Andres Freund reported the discovery of a backdoor in XZ Utils, affecting v5.6.0 and 5.6.1. XZ Utils, which provides compression tools for the .xz format, ...
Blog – Balbix
county cyber attacks

The XZ backdoor: What security managers can learn

| | backdoor, CISO Suite, Cyber Security News, Home, Malware, malware attacks, SBN News, Security Awareness, Security News, Seed n soil posts
The post The XZ backdoor: What security managers can learn appeared first on Click Armor ...
Click Armor
shadow AI, security, Cisco cybersecurity

Shadow AI: The Murky Threat to Enterprise Adoption of Generative AI

| | ai acceptable use policies, Data Privacy, GenAI, generative AI, security, Shadow AI
As AI continues its relentless march into enterprises, an insidious threat lurks in the shadows that could undermine its widespread adoption: Shadow AI ...
Security Boulevard
Seal of the Cybersecurity & Infrastructure Security Agency

Sisense Hacked: CISA Warns Customers at Risk

| | Amazon Web Services (AWS), aws, AWS access keys, AWS bucket, cisa, CISA Advisories, CISA Advisory, CISA Alert, CISA warning, CISA.gov, depth, NSA/CISA, Sangram Dash, SB Blogwatch, Sisense
A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” ...
Security Boulevard
Are custom security tests a product security superpower? ⎜Keshav Malik (LinkedIn)

Are custom security tests a product security superpower? ⎜Keshav Malik (LinkedIn)

| | API security, Application Security, Custom Security Tests, Product Security
Learn from our interview with Keshav how to better write your custom security tests and why they're necessary for your Product Security Program ...
Escape - The API Security Blog
How to secure cloud-native applications

How to secure cloud-native applications

| | Application Security, Cloud Security, Cloud-native applications security
This article is based on the Elephant in AppSec podcast episode with Mihir Shah, a Senior Staff Application Security Engineer at ForgeRock, and the author of the Cloud Native Software Security Handbook ...
Escape - The API Security Blog
How to Address API Sprawl: The Challenges and Opportunities of API Governance

The challenges and opportunities of API governance

| | API discovery, API governance, API management, API security, API sprawl, Application Security
Learn more about the concept of API sprawl, its implications, and the challenges and importance of API governance ...
Escape - The API Security Blog

Unlocking the Power of Data-Centric SAP Security: A Look at Pathlock CAC Through Kuppinger Cole’s Lens

| | Access Governance, Application Security, Vulnerability Management
Last month, Kuppinger Cole, a globally recognized analyst organization, took a closer look at Pathlock’s Cybersecurity Application Controls (CAC) product in a detailed Executive View report. Known for their impartial and thorough ...
Pathlock
Cybersecurity Insights with Contrast CISO David Lindner | 4/12/24

Cybersecurity Insights with Contrast CISO David Lindner | 4/12/24

| | AI, cyberespionage, Microsoft, nation-states
Insight #1 I was at the Kernelcon conference last week and heard that Gen AI is going to wreck development because there will be more vulnerabilities than ever. In the same breath, ...
AppSec Observer

Findings on Exposed Passwords in Active Directory

| | Active Directory, Password Security, Password Tips
Password security and exposed passwords in Active Directory still matter because weak and compromised passwords lead to data breaches. The post Findings on Exposed Passwords in Active Directory appeared first on Enzoic ...
Blog | Enzoic
Load more