runtime security

A new article on WNEP is reporting on experts who claim that cyber attacks are getting worse.  Not surprising at the top of the list is ransomware attacks., which have made headlines, ...

In addition to OWASP finally updating the Top 10 Web Application Risks, this year Mitre also updated their Top 25 Most Dangerous Software Bugs, also known as the CWE Top 25.  One ...

It will be one year since NIST released their final version of SP800-53 Revision 5 on September 23, 2020.  As a quick reminder SP800-53 is the document issued by NIST that specifies ...

The Open Web Application Security Project (OWASP) has released its draft Top 10 Web Application Security Risks 2021 list with a number of changes from the 2017 list (the last time the list ...

A new article in Help Net Security covers some interesting new statistics that reflect the inability of current security tools to protect organizations against attacks happening on web applications.  The article shares ...

A new article in SDXcentral talks about why WAFs (Web Application Firewalls) are insufficient protection according to a hacker.  The topic of WAFs isn't new to K2 and we've covered their failures ...

It's been 18 years since OWASP first published their list of Top 10 Web Application Security Risks in 2003. It wouldn't be unreasonable to think it would have been possible to solve ...

Security practitioners are under the constant need to keep up to date and continue their learning, just to keep up with the ever changing tactics of cyber criminals.  It's one of the ...

Organizations have seen a dramatic shift towards digital transformation in recent years, driven in part by the COVID-19 pandemic and the work from home phenomenon.  Part of that transformation included a shift ...

One of the most common issues with security testing of applications is being inundated with vulnerability reports, containing too many vulnerabilities for a typical development team to handle.  This includes reports from ...