software
When it comes to vulnerability triage, ditch CVSS and prioritize exploitability
When it comes to software security, one of the biggest challenges facing developers today is information overload. Thanks in part to the widespread proliferation and use of …
BluBracket Community Edition: Detect and monitor secrets in code for free
BluBracket announced its Community Edition, a free, robust and automated tool for finding passwords, tokens and other security vulnerabilities in code. It uses a novel, …
Product showcase: USB-Lock-RP
USB ports in any organization’s network need to be controlled because connected devices such as USB drives and smartphones can be used to transfer malware to computers …
Open-source tool BlobHunter helps pinpoint public Azure blobs that might contain sensitive files
CyberArk researchers have released BlobHunter, an open-source tool organizations can use to discover Azure blobs containing sensitive files they have inadvertently made …
Data loss prevention strategies for long-term remote teams
Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv …
Open-source tool for hardening commonly used HMI/SCADA system
Otorio, a provider of OT security and digital risk management solutions, released an open-source tool designed for hardening the security of GE Digital’s CIMPLICITY, one …
Runtime data no longer has to be vulnerable data
Today, the security model utilized by nearly all organizations is so weak that the mere act of creating new data comes with the immutable assumption that such data will become …
To combat cyber warfare the security industry needs to work together
Just when we thought 2020 couldn’t get worse, security firm FireEye broke the news that the compromise of a software solution by IT solutions provider SolarWinds had resulted …
Automation and no-code are driving the future of business operations
More than 95% of respondents indicated that business operations has become a more important function in their organization in the past year, a Tonkean survey reveals. The …
SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …
Review: Code42 Incydr – SaaS data risk detection and response
Incydr is Code42’s new SaaS data risk detection and response solution, which enables security teams to mitigate file exposure and exfiltration risk without disrupting …
Three ways formal methods can scale for software security
Security is not like paint: it can’t just be applied after a system has been completed. Instead, security has to be built into the system design. But how can we know that a …