Please turn on your JavaScript for this page to function normally.
mobile app unlock
Popular fintech apps expose valuable, exploitable secrets

92% of the most popular banking and financial services apps contain easy-to-extract secrets and vulnerabilities that can let attackers steal consumer data and finances, …

application security testing
A modern-day look at AppSec testing tools

In this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security …

SaaS
Security teams have no control over risky SaaS-to-SaaS connections

Employees are providing hundreds to thousands of third-party apps with access to the two most dominant workspaces, Microsoft 365 and Google Workspace, according to Adaptive …

Terminal
Why people-driven remediation is the key to strong API security

If an organization relies on automation and tools to highlight API security issues, it is still up to a trained developer to manage API behavior. Since there is no standard …

cloud
Cloud-native application adoption puts pressure on appsec teams

Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting …

Hand
24% of technology applications contain high-risk security flaws

With, arguably, a higher proportion of applications to contend with than other industries, tech firms would benefit from implementing improved secure coding training and …

Terminal
How to improve secure coding education

Did you know that not one of the top 50 undergraduate computer science programs in the U.S. requires a course in code or application security for majors? Yet the threatscape …

Backstage
Critical vulnerability in Spotify’s Backstage discovered, patched

A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …

DevSecOps
Security leaders want consequences for insecure code

Organizations plan to invest in DevSecOps in 2023, and the level of urgency for them to do so has grown. In a recent survey conducted by the Neustar International Security …

application
Most missed area of zero trust: Unmanageable applications

In this Help Net Security video, Matthew Chiodi, Chief Trust Officer of Cerby, talks about the likely hole in your security strategy. This video zeroes in on one of the most …

arrows
Risk management focus shifts from external to internal exposure

Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, …

skull binary
What could be the cause of growing API security incidents?

Noname Security announced the findings from its API security report, “The API Security Disconnect – API Security Trends in 2022”, which revealed a rapidly growing number of …

Don't miss

Cybersecurity news