Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Announcing Graylog API Security v3.6

Graylog API Security v3.6 is here! Just taking the version number by itself, v3.6 sounds like an incremental step forward. But the truth is that v3.6 isn’t just a release milestone; it’s a huge inflection point in our mission to improve API security. There are multiple “firsts” in v3.6, which makes the total combination even more exciting.

Step-by-Step: Integrating SAST into Your Development Workflow

When it comes to software development, prioritizing security is essential. Static Application Security Testing (SAST) plays a key role in this by thoroughly analyzing your source code to identify potential vulnerabilities. It's like having a constant code reviewer focused on security, ensuring that your application is protected from the earliest stages of development.

Bulletproofing the retail cloud with API security

Application programming interface (API) security is critical for retailers increasingly reliant on cloud technology. However, APIs also open potential gateways for cyber threats, making robust security protocols essential to protect sensitive data and maintain customer trust. The complexity of retail systems, which often involve numerous third-party integrations, can create multiple points of vulnerability.

Stopping Credential Stuffing Attacks: We Need to Do Better

Do you know what 23andMe, Jason's Deli, North Face, and Hot Topic have in common? They've all been breached by successful credential stuffing attacks in the last year! An attack type that has gained prominence in recent years is credential stuffing. In this blog, we will explore what credential stuffing is, discuss current approaches to mitigate this type of attack, and their weaknesses. Additionally, we'll share our insights on what needs to be.

Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)

On January 16, 2024, Atlassian issued a significant alert on a critical Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server, identified as CVE-2023-22527. This issue, found in older versions, poses a serious risk because it allows unauthenticated attackers to inject OGNL expressions. This means they could potentially run any code they want on the compromised system.

Introducing the Wallarm 2024 API ThreatStats™ Report

The Wallarm Security Research team is pleased to share the latest version of our API ThreatStats report. This report serves as a key resource for API and application security practitioners. It emphasizes the need for a proactive stance in API security, advocating for continuous monitoring, regular updates, and the adoption of the latest advanced security solutions.

Introducing Bearer's Advanced GitLab Integration

We are thrilled to announce the launch of Bearer's advanced GitLab integration! Building on the lessons learned from our successful GitHub App, this integration aims to revolutionize the GitLab experience for our customers, enhancing both the developer and security workflow.

Featured Post

2024 Cybersecurity Predictions: The Continued Rise of AI and Regulation

The last 12 months have been seismic for cybersecurity, with successful hacks and breaches continuing to make front-page news. The task of keeping networks and data safe is an ever-evolving one, with hackers and cybersecurity professionals in a constant state of cat-and-mouse as they try to outsmart one another. Events of the past year, including the widespread adoption of, and interest in, AI, as well as new geopolitical challenges, have had a profound impact. They provide some clues as to what 2024 might hold.

API Risk Management: A Strategic Approach to API Risk Reduction

Could you imagine our interstate highway system without roadway bridges? I don’t think anyone would argue that bridges are not an essential part of an effective ground transportation network. So it doesn’t surprise me that when I ask people what makes a highway bridge “good,” I get quick responses with pretty consistent answers: guardrails, proper lighting, clear signage, smooth driving surface, lane markings, load capacity, structural integrity, and so on.