The API security landscape is changing rapidly, and cybercriminals are becoming increasingly sophisticated. According to the Salt Labs State of API Security Report 2024, API security incidents have more than doubled in the past 12 months, while API usage is rapidly increasing. Organizations are finding it challenging to keep up with the threats associated with expanding API ecosystems and fully understand their complex behavioral attributes.

The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports. The CSA’s report found that cybercriminals are selling tools that automate these attacks, allowing unskilled threat actors to launch sophisticated attacks.

The current state of OT/IOT security is being repainted with a new coat of risk. The shade of color? Cellular routers and the vulnerabilities within firmware. In our new report with Finite State, our joint research explores the risks organizations face within the software supply chains of OT/IoT routers. Hardware has firmware – operational software – within its memory components.

Over the years, application vulnerability management has been vital to DevSecOps — which emphasizes shared security responsibility across teams. However, as development practices have evolved, security teams must learn how to adapt and meet developers within their existing workflows. For example, containerization, infrastructure as code (IaC) AI coding assistants, and increased reliance on third-party code are all commonplace in the typical development lifecycle.

As noted in the 2024 Gartner Market Guide for API Protection“API security governance is an emerging capability. It allows the administrator of the tool to define and enforce security policies. Unlike posture management, this is a top-down enforcement. It also allows for compliance reports for specific regulations to be generated automatically.” This capability is becoming increasingly important as organizations face a constantly evolving threat landscape.

Artificial intelligence has taken over almost every aspect of our everyday lives. In cybersecurity, generative AI models with natural language processing are commonly being used to predict, detect, and respond to threats. But AI security assistants, although an upgrade from traditional machine learning, only provide very basic queries and summarization, which is insufficient to fully comprehend modern cloud attacks. As part of an ongoing effort to improve the cloud detection and response (CDR) experience,

We are thrilled to announce the new Snyk Analytics for Snowflake, allowing Snyk customers to seamlessly access and analyze Snyk’s data from their Snowflake account.

The explosion of AI has ignited both excitement and apprehension across various industries. While AI is undeniably having a positive impact on engineering and customer service teams, cybersecurity and IT practitioners remain cautious. Concerns about data privacy, the inflexibility of disparate tools, and the sensitive nature of many mission-critical workflows—which, more often than not, require some level of human oversight—fuel a deep mistrust of LLMs by these teams.