Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2023

Creativity and Innovation Unleashed - Introducing the New Noname Security

As you probably noticed, our company has just undergone a major facelift. Though our name and logo remained intact, not much else was left untouched in this rebranding effort. It may have come as a surprise, but this strategic move will refresh not only our company’s image but also how we communicate with the marketplace.

Noname Public Service Announcement: MOVEit attack involving API abuse

A recent onslaught of attacks targeting the MOVEit application has affected several US Government agencies, including the Department of Energy (DOE) and the Oak Ridge National Laboratory (ORNL), and several state governments such as Minnesota, Missouri, and Illinois. Media coverage of the vulnerabilities (CVE-2023-34362, CVE-2023-35036, and most recently CVE-2023-35708) involving a SQL injection is front and center.

Leaving no API untested.

Today we announced the general availability of Active Testing V2, our flagship API security testing solution, and an integral part of the Noname API Security Platform. The more API security defects we can catch during development, the cheaper and more efficient our applications become. So-called shifting left has a profound effect on security if done right. Over 85% of defects, including security issues, are created in development, mainly during the initial coding phase.

National Cybersecurity Strategy: Disrupting and Dismantling Threat Actors Will Not Come Easy

Continuing a review of the new National Cybersecurity Strategy, today I look at the second pillar, Disrupt and Dismantle Threat Actors. It’s heavy on collaboration, information sharing, and integrated response, and lays out five objectives that, on the surface, make sense. However, reading through the specifics of the five objectives, I see major challenges in achieving some of these. I’ll only address a few underlying issues in order to keep this more manageable.

The Updated OWASP API Security Top 10 for 2023 is Here

The Open Web Application Security Project (OWASP) is a global non-profit organization dedicated to improving the security of software. The OWASP foundation first released a list of the top 10 security risks faced by APIs in 2019. Although 4 years is an extremely long time when it comes to computing, the fact remains that most organizations are still in the process of putting better API security controls in place to protect against the 2019 Top 10.

What is Software Composition Analysis (SCA)?

A subset of application security testing, software composition analysis (SCA) refers to an automated process which scans open source software, allowing security analysts to identify precisely which libraries and components have been used in a piece of software. Code is parsed automatically and scanned against a known list of open source vulnerabilities.

What is Dynamic Application Security Testing (DAST)?

Dynamic application security testing (DAST) is an automated security testing technique that is used to identify vulnerabilities in web applications. The best DAST tools simulate various types of attacks to detect security vulnerabilities and test a broad spectrum of endpoints including hidden values. By simulating malicious attacks on an application, automated DAST security tools can help identify outcomes that are far outside typical user experience.