As we have in previous editions of the ThreatStats report, we highlight the industry’s top API-related attacks and trends. New to this version, however, is a detailed analysis of API attacks targeting AI-based applications, representing a new and rapidly expanding threat vector. And while we encourage you to download the full report, here are some key observations about what you’ll find within. API threats to AI applications are clearly on the rise.

In this week’s episode of The Future of Security Operations podcast, I'm joined by Brent Deterding. Brent has over 25 years of experience in security, both on the vendor side and now as a security leader. He spent a big part of his career with cloud-native security analytics platform SecureWorks, and he’s currently the CISO of Afni, a global provider of contact center solutions in the U.S., Philippines, and Mexico.

It’s not just about speeding up processes; it’s about efficiency, accuracy, and ultimately, staying one step ahead of threats. At ThreatQuotient, we’re committed to partnering with our customers to harness the power of automation in targeted ways that simplify and streamline workflows for security teams.

With the increase in privacy regulations, data localization is a rapidly growing concern for companies. With the right strategies and tools in place, companies can ensure their data remains secure and compliant with privacy laws while also benefiting from its localization. In this blog, we’ll explore what data localization is, the benefits and challenges, and how using the right set of tools can help.

Identity security and Zero Trust have emerged as critical components in the defense against quickly evolving cyberthreats. Together, the solution and the approach support a default stance of “never trust, always verify,” with every risky action requiring authentication, authorization and audit.

On March 13, 2024, the European Parliament marked a significant milestone by adopting the Artificial Intelligence Act (AI Act), setting a precedent with the world’s first extensive horizontal legal regulation dedicated to AI.

When it comes to securing applications in the cloud, adaptation is not just a strategy but a necessity. We’re currently experiencing a monumental shift driven by the mass adoption of AI, fundamentally changing the way companies operate. From optimizing efficiency through automation to transforming the customer experience with speed and personalization, AI has empowered developers with exciting new capabilities.

In the domain of digital forensics, volatile data assumes a paramount role, characterized by its ephemeral nature. Analogous to fleeting whispers in a bustling city, volatile data in Linux systems resides transiently within the Random Access Memory (RAM), encapsulating critical system configurations, active network connections, running processes, and traces of user activities. Once a Linux machine powers down, this ephemeral reservoir of information dissipates swiftly, rendering it irretrievable.

The big idea behind Corelight has always been simple: ground truth is priceless. What really happened, both now and looking back in time. Whether it is used to detect attacks, investigate routine alerts, respond to new vulnerabilities or a full scale incident response, the constant is that ground truth makes everything in security better. We have no claim of authorship here. By contrast, we learn from the world’s most accomplished defenders through their use of Zeek® and Suricata®.

We are pleased to introduce Semantic Versioning and release channels to Snyk CLI from v.1.1291.0 onwards. In this blog post, we will share why we are introducing these changes, what problems these changes solve for our customers, and how our customers can opt-in according to their needs.