Saturday, April 26, 2025

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library

Home
Security Creators Network
Webinars
Events
- Upcoming Events
- On-Demand Events
Sponsored Content
Chat
Library
Related Sites
Media Kit
About
Sponsor

Analytics
AppSec
CISO
Cloud
DevOps
GRC
Identity
Incident Response
IoT / ICS
Threats / Breaches
More
Humor

Popular Post

A fat cat in an orange bucket

200,000 Workers’ PII at Risk in WorkComposer S3 SNAFU

Richi Jennings | April 25, 2025 | Amazon S3, Amazon S3 bucket, Amazon Web Services, Amazon Web Services (AWS), amazon web services compliance, AWS bucket, AWS GDPR Compliance Shared Responsibility, AWS S3 BUCKET, aws s3 storage, breach of privacy, bucket policy, buckets, California Consumer Privacy Act (CCPA), CCPA, CCPA Compliance, cybersecurity challenges in remote working, EU GDPR, GDPR, GDPR (General Data Protection Regulation), GDPR compliance, gdpr eu, online surveillance, Privacy, remote work, remote work cyber security, Remote Work Cybersecurity, remote work enviornment, remote work productivity, Remote Work Security, remote worker management, remote workers, remote workforce, Remote Workforce Security, remote working, remote working risks, S3, S3 bucket, S3 buckets, SB Blogwatch, spyware, storage bucket, WorkComposer

Don’t say ‘spyware’—21 million screenshots in one open bucket ...

Security Boulevard

A pig in a muddy farm field

Asian Scam Farms: ‘Industrial Scale,’ Warns UN Report

Richi Jennings | April 23, 2025 | #CryptoScam, #InvestmentScam, #PigButchering, Amazon Phishing Scams, AppleCare Warranty Scam, bank scam, bitcoin ATM scam, bitcoin scam, bitcoin transfer scams, gift card, gift card fraud, Gift Card Gang, gift card scams, gift cards, GiftCardScams, online romance scam, pig butchering, Pig Butchering Scams, romance, romance fraud, romance scam, romance scammers, romance scams, SB Blogwatch, social media intelligence, United Nations, UNODC

Bacon Redux: Pig butchering and other serious scams still thriving, despite crackdowns in Dubai and Myanmar ...

Security Boulevard

In traditional Chinese writing, the word for “crisis” combines the characters for “danger” and “opportunity”

MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’

Richi Jennings | April 16, 2025 | cisa, CISA Research, common vulnerabilities and exposures, CVE, CVE (Common Vulnerabilities and Exposures), CVE database, CVE Program, Cybersecurity and Infrastructure Security Agency, cybersecurity funding, Department of Homeland Security, DHS, Funding & Grants, MITRE, MITRE Framework, National Institute of Standards and Technology, National Institute of Standards and Technology (NIST), NIST, SB Blogwatch, U.S. Department of Homeland Security

These are “interesting” times: U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16 ...

Security Boulevard

Oracle executive chairman Larry Ellison

Oracle Hack: From ‘Deny-Deny-Deny’ to ‘Oops-Oops-Oops’

Richi Jennings | April 4, 2025 | CVE-2021-35587, Larry Ellison, OCI, Oracle, Oracle Access Manager, Oracle Classic, Oracle cloud, Oracle Cloud Classic, Oracle Cloud infrastructure, Oracle Fusion Cloud, rose87168, SB Blogwatch

Classic “wordplay:” Larry’s PR angels desperately dance on the head of a pin ...

Security Boulevard

A PRC flag flies atop a metal flagpole

App Stores OK’ed VPNs Run by China PLA

Richi Jennings | April 3, 2025 | 360 Security Technology, App Store, App Stores, Apple, CCP, china, china espionage, China-nexus cyber espionage, Chinese, Chinese Communists, Chinese cyber espionage, chinese government, free vpn app, google, Google Play Store, Peoples Republic of China, Privacy, Qihoo 360, SB Blogwatch, Signal Secure VPN, Snap VPN, Tech Transparency Project, Thunder VPN, TikTok, TikTok Ban, Turbo VPN, VPN, VPN Proxy Master

Bad Apple: Chinese firm banned by the U.S. is the shady entity behind a clutch of free VPN apps—with over a million downloads ...

Security Boulevard

3D rendering capturing the double helix structure of DNA against a blue backdrop, highlighting the intricate beauty of life’s genetic code

Spit Happens: 23andMe is Bankrupt — Secure Your DNA Data NOW Already

Richi Jennings | March 24, 2025 | 23andMe, Anne Wojcicki, DNA, Privacy, SB Blogwatch

Double hell-ix: Personal genomics firm tells customers your data is safe—but few will trust the loss-making biotech pioneer ...

Security Boulevard

Microsoft CEO Satya Nadella

Microsoft Won’t Fix This Bad Zero Day (Despite Wide Abuse)

Richi Jennings | March 20, 2025 | .lnk, APT37, APT43, BitterAPT, china espionage, CWE-451, Cybersecurity zero-day flaw, Earth Anansi, Earth Imp, Earth Kumiho, Earth Manticore, Evil Corp., InkySquid, Iranian hackers, kimsuky, Kimsuky hacking group, Konni, LNK file malware, LNKFiles, malicious LNK files, Microsoft, Microsoft Windows Zero Day, North Korean cyber espionage, russia hacker, SB Blogwatch, ScarCruft, Windows, ZDI-CAN-25373, Zero Day Attacks, zero day exploit attack, Zero Day Initiative, Zero Day Initiative (ZDI), zero-day, zero-day attack, Zero-Day Bug

Satya says NO: Redmond blames Windows users, rather than solve 30-year-old bug—exploited since 2017 ...

Security Boulevard

Cartoon of Elon Musk looking sad

No, Elon — X DDoS was NOT by Ukraine

Richi Jennings | March 12, 2025 | Cloudflare DDoS Protection, cyber attacks during ukraine war, cyber attacks russia, Dark Storm Team, ddos, DDoS attack, Denial of Service, Denial of Service (DoS) attacks, denial of service attacks, denial of service vulnerability, distributed denial of service, Distributed denial of service (DDoS) attacks, distributed denial of service attack, Elon Musk, elon musk twitter, hacktivism ukraine cyber-attacks, Russia, Russia-Ukraine, russia-ukraine conflict, Russia's War on Ukraine, SB Blogwatch, social media, Social Media Attack, social media attacks, social media cyber attacks, Social Media Cybercrime, Social Media Exploits, Ukraine, ukraine conflict, Ukraine Cyber War, Ukraine-Russia War, Ukraine/European Security, X

X marks the botnet: Outage outrage was a Ukrainian cyberattack, implies our favorite African billionaire comedy villain ...

Security Boulevard

Representative Raja Krishnamoorthi (D-Illinois), Rob Joyce (former NSA director of cybersecurity), Representative John Moolenaar (R-Michigan)

‘Ban These Chinese Routers NOW,’ Cries House Committee

Richi Jennings | March 7, 2025 | Attacking Routers, china, China-linked Hackers, Chinese, Chinese Communists, Chinese devices, chinese government, Chinese hardware, Chinese state-sponsored cyberattacks, Commerce Department, Congress, Consumer IoT, flawed routers, House of Representatives, Internet of things, Internet of Things (IoT), Internet of Things cyber security, internetof things, internetofthings, internte-of-things, iot, Jeff Barney, John Moolenaar, OpenWrt, Peoples Republic of China, Raja Krishnamoorthi, Rob Joyce, router compromise, router exploit, router firmware security flaw, router hacking, router hijacking, router security, router vulnerabilities, SB Blogwatch, SOHO, SOHO and IoT device vulnerabilities, TP-LINK, U.S. Commerce Department, US Congress

Sino stoppage scheme: TP-Link in crosshairs, along with other brands ...

Security Boulevard

Apple CEO Tim Cook, looking grim

Apple vs. UK — ADP E2EE Back Door Faceoff

Richi Jennings | March 5, 2025 | #nobackdoors, ADP, Apple, Apple Data Security, Apple iCloud, back door, backdoor, backdoors, Child Abuse, child exploitation, child porn, child pornography, child sexual exploitation, cloud access, Compliance, CSAM, CSEM, E2EE, encryption, end-to-end encryption, five eyes, Five Eyes alliance, Five Eyes Intelligence Alliance, Government & Regulatory News, government access, Investigatory Powers Act, Privacy, SB Blogwatch, uk, UK Investigatory Powers Act, Won’t somebody think of the children?

Won’t Tim Think of the Children? End-to-end encryption battle continues ...

Security Boulevard

Techstrong TV

Click full-screen to enable volume control

Watch latest episodes and shows

AI Infrastructure Field Day

Upcoming Webinars

Software Supply Chain Security: Navigating NIST, CRA, and FDA Regulations

Is DevEx the Same as DevSecOps?

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

Most Read on the Boulevard

Upwind Adds Ability to Detect API Threats to Cloud Security Platform

Security Tools: First, They’re Good, Then They’re Bad

Asian Scam Farms: ‘Industrial Scale,’ Warns UN Report

Augmented, Not Replaced – Humans Outpace AI in Simbian’s SOC Hackathon Champions

Don’t Lock Up Peanut Butter in Fort Knox: The Smart Approach to Data Classification

Shadow downloads – How developers have become the new perimeter

The AI Bot Epidemic: The Imperva 2025 Bad Bot Report

A Comparative Analysis of Anthropic’s Model Context Protocol and Google’s Agent-to-Agent Protocol

Verizon 2025 DBIR: Tenable Research Collaboration Shines a Spotlight on CVE Remediation Trends

CVE-2025-3248: RCE vulnerability in Langflow

Industry Spotlight

Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence

North Korean Group Creates Fake Crypto Firms in Job Complex Scam

April 25, 2025 Jeffrey Burt | Yesterday 0

Application Security Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security DevOps Featured Governance, Risk & Compliance Humor Incident Response Industry Spotlight Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities

200,000 Workers’ PII at Risk in WorkComposer S3 SNAFU

April 25, 2025 Richi Jennings | Yesterday 0

Cloud Security Cybersecurity Data Security Endpoint Featured Incident Response Industry Spotlight Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threat Intelligence Vulnerabilities

ARMO: io_uring Interface Creates Security ‘Blind Spot’ in Linux

April 24, 2025 Jeffrey Burt | 1 day ago 0

Top Stories

AI and Machine Learning in Security AI and ML in Security Cybersecurity Featured News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

HiddenLayer Researchers Surface Prompt Technique Bypassing All AI Guardrails

April 25, 2025 Michael Vizard | Yesterday 0

Cybersecurity Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight

Harness Adds Traceable WAAP to Secure Web Apps and APIs

April 24, 2025 Michael Vizard | 1 day ago 0

Cloud Security Cyberlaw Cybersecurity Data Privacy Data Security DevOps Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches

Asian Scam Farms: ‘Industrial Scale,’ Warns UN Report

April 23, 2025 Richi Jennings | 2 days ago 0

Download Free eBook

7 Must-Read eBooks for Security Professionals

Join the Community

Add your blog to Security Creators Network
Write for Security Boulevard
Bloggers Meetup and Awards
Ask a Question
Email: info@securityboulevard.com

Useful Links

About
Media Kit
Sponsor Info
Copyright
TOS
DMCA Compliance Statement
Privacy Policy

Related Sites

Techstrong Group
Cloud Native Now
DevOps.com
Digital CxO
Techstrong Research
Techstrong TV
Techstrong.tv Podcast
DevOps Chat
DevOps Dozen
DevOps TV

Powered by Techstrong Group

Copyright © 2025 Techstrong Group Inc. All rights reserved.

Security in AI

Step 1 of 7

14%

How would you best describe your organization's current stage of securing the use of generative AI in your applications?(Required)

We don’t have or use generative AI in our applications

Nothing significant yet - We have or will have generative AI in our applications but haven’t yet researched or explored the possibility of securing it.

Starting - We have begun to work on securing generative AI in our applications.

Developing - We have started to implement some security measures for generative AI.

Average - We have some policies or tools in place.

Advanced - We have some enhanced security protocols specifically tailored for generative AI in our applications.

Very advanced - We have comprehensive, mature, and proactive security solutions for generative AI in our applications.

Have you implemented, or are you planning to implement, zero trust security for the AI your organization uses or develops?(Required)

Already implemented

Planning to implement

Considering or scoping to implement

Not considering zero trust for AI

Do not use zero trust at all

Don’t know

What are the three biggest challenges your organization faces when integrating generative AI into applications or workflows? (Select up to three)(Required)

Potential impacts on performance or scalability of the applications

Security of prompts or responses

Compliance with standards and regulations

Lack of expertise or experience

Intellectual property protection

Access security

Data security or privacy

Potential impacts on performance or scalability of the AI

Cost to implement

Integration capabilities of current systems

How does your organization secure proprietary information used in AI training, tuning, or retrieval-augmented generation (RAG)? (Select all that apply)(Required)

Encryption at rest

Encryption in transit

Data access control, monitoring

Data anonymization

Data/information isolation

Data masking/tokenization

Data governance policies

Zero trust / continuous authentication and authorization

No specific measures in place

Which of the following kinds of tools are you currently using to secure your organization’s use of generative AI? (select all that apply)(Required)

Native cloud service tools (AWS Guardrails, e.g.)

Third-party tools

Custom in-house tools

No specific tools

How valuable do you think it would it be to have a solution that classifies and quantifies risks associated with generative AI tools?(Required)

Extremely valuable

Very valuable

Somewhat valuable

Not valuable

What are, or do you think would be, the most important reasons for implementing generative AI security measures? (Select up to three)(Required)

Regulatory compliance

Protecting intellectual property

Mitigating potential data breaches

Maintaining customer trust

Competitive advantage

Improved risk management

Increased operational efficiency

Don’t know

View results

Δ

Notifications