software
Open-source tool Yor automatically tags IaC resources for traceability and auditability
Yor is an open-source tool from Palo Alto Networks that automatically tags cloud resources within infrastructure as code (IaC) frameworks such as Terraform, CloudFormation, …
A leadership guide for mitigating security risks with low code platforms
The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs). The …
Mobile stalkerware is on the rise
Mobile stalkerware, which is software silently installed by stalkers onto victims’ mobile devices without their knowledge, is on the rise, ESET research finds. In 2019, …
The basics of security code review
With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …
How to deal with ransomware attacks
Used in cyberattacks that can paralyze organizations, ransomware is malicious software that encrypts a computer system’s data and demands payment to restore access. To help …
Commercial third party code creating security blind spots
Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, a VDC Research …
3 areas of implicitly trusted infrastructure that can lead to supply chain compromises
The SolarWinds compromise in December 2020 and the ensuing investigation into their build services put a spotlight on supply chain attacks. This has generated a renewed …
Acting on a security risk assessment of your organization’s use of Salesforce
Salesforce isn’t rocket science, but the software has an incredible array of tools, which is why securing it demands a unique (and sometimes complex) approach. If you’re …
Kubestriker: A security auditing tool for Kubernetes clusters
Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services …
PCI SSC publishes PCI Secure Software Standard 1.1 and supporting program documentation
Version 1.1 of the PCI Secure Software Standard introduces the Terminal Software Module, a new security requirements module for payment software intended for deployment and …
Solve evolving enterprise issues with GRC technology
For this interview, we sat down with Blake Brannon, CTO at OneTrust, to discuss governance, risk management, and compliance (GRC). More than 8,000 customers, including half of …
Research directions in cybersecurity to support a digital strategic autonomy
Resilience, technological sovereignty and leadership are essential for the EU and as such, they are addressed by the EU Cybersecurity Strategy. In an effort to support this …