application security
Popular fintech apps expose valuable, exploitable secrets
92% of the most popular banking and financial services apps contain easy-to-extract secrets and vulnerabilities that can let attackers steal consumer data and finances, …
A modern-day look at AppSec testing tools
In this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security …
Security teams have no control over risky SaaS-to-SaaS connections
Employees are providing hundreds to thousands of third-party apps with access to the two most dominant workspaces, Microsoft 365 and Google Workspace, according to Adaptive …
Why people-driven remediation is the key to strong API security
If an organization relies on automation and tools to highlight API security issues, it is still up to a trained developer to manage API behavior. Since there is no standard …
Cloud-native application adoption puts pressure on appsec teams
Oxeye revealed five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research, which shows the industry is shifting …
24% of technology applications contain high-risk security flaws
With, arguably, a higher proportion of applications to contend with than other industries, tech firms would benefit from implementing improved secure coding training and …
How to improve secure coding education
Did you know that not one of the top 50 undergraduate computer science programs in the U.S. requires a course in code or application security for majors? Yet the threatscape …
Critical vulnerability in Spotify’s Backstage discovered, patched
A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …
Security leaders want consequences for insecure code
Organizations plan to invest in DevSecOps in 2023, and the level of urgency for them to do so has grown. In a recent survey conducted by the Neustar International Security …
Most missed area of zero trust: Unmanageable applications
In this Help Net Security video, Matthew Chiodi, Chief Trust Officer of Cerby, talks about the likely hole in your security strategy. This video zeroes in on one of the most …
Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, …
What could be the cause of growing API security incidents?
Noname Security announced the findings from its API security report, “The API Security Disconnect – API Security Trends in 2022”, which revealed a rapidly growing number of …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments