Expert analysis
The basics of security code review
With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …
Security doesn’t always require immediacy
New security threats emerge almost continuously, meaning we now deal with a known unknown. In the past year alone, malware and ransomware use has sharply increased, 43% of …
University of Minnesota researchers fail to understand consent
You’d think with all the recent discussion about consent, researchers would more carefully observe ethical boundaries. Yet, a group of researchers from the University of …
Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations
Cybersecurity is a race. A race that has for over a decade been extended to include systems that run the world’s industrial facilities, where a breach can compromise more than …
Hackers are leveling up and catching healthcare off-guard
Remember when ransomware operators promised last year not to attack hospitals under siege from COVID-19? Unfortunately, that didn’t happen: hospitality, entertainment, …
Hiring remote software developers: How to spot the cheaters
For the past year, moving to an all-remote workforce has often been positioned as a silver lining to the pandemic. Software engineers, in particular, reported a better …
Dealing with ransomware attacks: What options do you have?
IT decision-makers often find themselves stuck between a rock and a hard place when it comes to dealing with ransomware attacks. Do they pay a large sum of money to …
Cyber investigations, threat hunting and research: More art than science
While it’s true that threat hunting, incident response, and threat research all have their foundations in science (operating system theory and architecture, computer language …
DevOps didn’t kill WAF, because WAF will never truly die
The web application firewall (WAF) is dead, they say, and DevOps is the culprit, found over the body in the server room with a blade in its hand and splattered code on its …
Maximizing a hybrid cloud approach with colocation
As a multi-tenant cloud environment, the public cloud offers companies with vast amounts of data a highly affordable option. However, it also presents a number of limitations …
3 areas of implicitly trusted infrastructure that can lead to supply chain compromises
The SolarWinds compromise in December 2020 and the ensuing investigation into their build services put a spotlight on supply chain attacks. This has generated a renewed …
Top security threats for power plants and how to proactively avoid them
Power plants are one of the most vitally important components of modern civilization’s infrastructure. A disruption in energy production impacts all aspects of society from …
Featured news
Resources
Don't miss
- Quantifying cyber risk strategies to resonate with CFOs and boards
- Top 5 threats keeping CISOs up at night in 2025
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption