%term

The dangers of setattr: Avoiding Mass Assignment vulnerabilities in Python

Feb 15, 2023 By Jack Hair In Snyk

Mass assignment, also known as autobinding or object injection, is a category of vulnerabilities that occur when user input is bound to variables or objects within a program. Mass assignment vulnerabilities are often the result of an attacker adding unexpected fields to an object to manipulate the logic of a program.

Read Post

Snyk

Read more about The dangers of setattr: Avoiding Mass Assignment vulnerabilities in Python

Snyk Workflows - Ignores & PR Checks

Feb 15, 2023 By Snyk In Snyk

Snyk integrates with your IDEs, repos, workflows, and automation pipelines to add security expertise to your toolkit. The “menu” of options available to you is extensive, so we created this three-part series to get you started and running. Do you want your dev teams and AppSec teams to be aligned? The second session of the series digs deeper into using ignore capabilities. You’ll also learn about PR checks. This is a great way to get ahead of permissions.

View Video

Snyk

Read more about Snyk Workflows - Ignores & PR Checks

EP 21 - Back to the Cyber Future: Theresa Payton on Evolving Digital Threats (Part 1)

Feb 15, 2023 By CyberArk In CyberArk

Since the earliest digital days, cyberattackers have targeted identities in their quests for riches, chaos and even revenge. So, what if we could hop into a flux capacitor-equipped DeLorean, hammer-down to 88 mph, and go back in time to better understand how yesterday’s threats influence today’s landscape – and what history can teach us about outpacing adversaries? Today, we do that – and a whole lot more – with a fantastic guest: Theresa Payton.

Read Post

CyberArk

Read more about EP 21 - Back to the Cyber Future: Theresa Payton on Evolving Digital Threats (Part 1)

Making Cal-Secure Work for California Government Agencies

Feb 15, 2023 By Tanium In Tanium

A new webinar has fascinating insight to help organizations accelerate their roadmaps.

Read Post

Tanium

Read more about Making Cal-Secure Work for California Government Agencies

Hello CISO - Episode 8: Common Sense Security Policies and Bullshit Ones

Feb 15, 2023 By 1Password In 1Password

The best policies for security aren’t always the policies that end up in the company security manual. Why? In this episode, Troy explores the difference between good security policies and CYA security policies… and how to close the gap between the two. Hello CISO is a collaboration between Troy Hunt and the people who build the world's most trusted enterprise password manager. To learn more, visit 1Password.com/business, and don’t forget to subscribe to be notified of new episodes.

View Video

1Password

Read more about Hello CISO - Episode 8: Common Sense Security Policies and Bullshit Ones

Stranger Danger: Your Java Attack Surface Just Got Bigger

Feb 15, 2023 By Snyk In Snyk

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

View Video

Snyk

Read more about Stranger Danger: Your Java Attack Surface Just Got Bigger

Convos with Customers: Vanta x ResoluteAI

Feb 15, 2023 By Vanta In Vanta

Join us for Vanta’s most recent Convos with Customers episode, where Eléonore Dixon-Roche, Senior Product Manager at ResoluteAI, explains how Vanta helped her step outside of her role and take on managing security and compliance for her company.

View Video

Vanta

Read more about Convos with Customers: Vanta x ResoluteAI

Big Trends From the 2023 Okta Business at Work Report

Feb 15, 2023 By Tom Clare In Netskope

This year’s Okta Business at Work annual report highlights growth, despite national headlines with concerns about a recession and economic contraction. Given Okta’s role as a leading identity service provider, the growth theme is good news for stronger authentication and protection against access compromise, phishing, and ransomware.

Read Post

Netskope

Read more about Big Trends From the 2023 Okta Business at Work Report

iOS 2FA Setup for Websites and Apps

Feb 15, 2023 By Keeper In Keeper

For added security on supported websites and apps, use Keeper to store two-factor authentication codes. When setting up 2FA on a site or app, Keeper for iOS can serve as your time-based one-time password or “TOTP” generator. This video will review how users can easily add a two-factor verification setup code or secret key from a website or app to a new or existing Keeper record. Initial Configuration Steps

View Video

Keeper

Read more about iOS 2FA Setup for Websites and Apps

Importance of Insurance-Validated Risk Models to Quantify Cyber Risk

Feb 15, 2023 By Kovrr

By its nature, cyber risk is dynamic. New events happen and evolve all the time, making it difficult for enterprises to financially quantify their financial exposure to cyber attacks. Around two years ago, for example, distributed denial-of-service (DDoS) attacks were making headlines, and now ransomware has come into heightened focus. It's reasonable to believe that other types of attacks will emerge in another two years and continue to change thereafter.

Get Report