A common topic of conversation we have with software developers is how to reliably and accurately scan code for vulnerabilities while minimizing the number of false positives. And when false positives do appear, how can they be excluded from the code assessme...
The application security world is constantly under attack. One of the most common attacks comes in the form of hacker groups. These notorious hacking groups are often organized and motivated by political or social agendas. While some hacker groups pull relati...
One of the key benefits of cloud computing is that it has given organizations the ability to more quickly accelerate applications to market, providing increased business agility. That means organizations can potentially reach the market faster than ever befor...
Threat actors have been using GitHub‘s repojacking flaw to hijack and inject thousands of repositories with malicious code. Since this flaw has yet to be fixed, GitHub users will likely see more of these attacks soon. Luckily, there are ways to prevent cyberc...
With the rise of collaborative software development environments, it’s more important than ever to ensure that code quality and security are top priorities. After all, when multiple developers are working on a project, one bad actor can easily ruin things for...
Implementing a comprehensive security framework requires a strategy that brings security to the front of every stage of the development process — and zero trust is the answer. Here’s how it’s done … The Ponemon Institute recently collaborated with IBM in thei...
For the first time in the survey’s history, respondents to the Allianz Risk Barometer cited cyber incidents as their number one concern for 2022. This worry isn’t surprising, considering cybercriminals are getting bolder in their exploits. Lately, n...
Researchers recently announced the presence of a gaping security hole in Spring, a framework widely used by organizations developing Java applications. Designated CVE 2022 2965 and nicknamed SpringShell, the substantial chink in the collective Java ...
Organizations are now scanning for security vulnerabilities 20 times faster than just a few years ago. The increase in scanning activity is driven by several factors, including the growing use of automated scanning tools, the proliferation of cloud-based infr...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operational requirements for establishing security measures around payment security. It replaced a...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operations requirements for establishing security measures around payment security. It replaced a ...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operations requirements for establishing security measures around payment security. It replaced a ...
