Static Application Security Testing (SAST) is an effective and well-established application security testing technology. It allows developers to create high-quality and secure software that is resistant to the kinds of attacks that have grown more prevalent in recent years. However, the challenge with SAST is that it tends to produce a high number of false positives that waste the time of your engineering team. In this blog we take a look at SAST and the problem of false positives.

Businesses have become the custodians of massive amounts of data over the past several decades. Some of it is unstructured and ostensibly useless, but much of it contains valuable, sometimes very personal information. More data, more problems. As information proliferated so has the phenomenon of data breaches. Information leaks cost businesses millions of dollars, months of their time, and a good deal of trust from the consuming public. It is a bad situation but also one that breeds opportunity.

2021 was a devastating year for cybersecurity. As business accelerated digital adoption and people played out their lives online, threat actors were ready to capitalize on the transitional moment, savagely targeting everything from critical health infrastructure to small and medium-sized businesses. By Q4 of 2021, the number of reported data breaches had already surpassed 2020 totals, which were historic in their own right.

With the growing risk of identity-driven breaches, as seen in recent ransomware and supply chain attacks, businesses are starting to appreciate the need for identity security. As they assess how best to strengthen identity protection, there is often an urge to settle for security features or modules included in enterprise bundles from the same vendor providing their identity or identity and access management (IAM) layer.

Internxt is a little different than your average cloud service. Our secure storage was designed from the ground up with the user and their privacy in mind. To do this, we’ve built our service for Web3, which means the information we encrypt and store is decentralized and our business model has nothing to do with selling data.

Handling sensitive data, compliance, and security is always front of mind for payment gateways. Technology is nowadays a double-edged sword. Just as digital advancement has revolutionized global commerce, so too have the tactics that cybercriminals use to defraud merchants and customers. A study by PWC, Global Economic Crime and Fraud Survey 2020, found that 47% of respondent companies experienced some form of fraud, resulting in US$42B of losses.

The security operations center (SOC) plays a critical role in any enterprise’s effort to protect its data from rapidly evolving cybersecurity threats. However, for a variety of reasons revealed in the 2021 Devo SOC Performance ReportTM — which is based on the results of a survey of more than 1,000 security practitioners — organizations are frustrated with their SOC’s lack of effectiveness in performing its vital work.

The world is in a tumultuous place at the time of this writing, with all eyes on the escalating ground war unfolding in Ukraine. As devastating as the news has been, cybersecurity observers are well aware of the unseen battles unfolding simultaneously in cyberspace. The importance of businesses, governments, and other organizations protecting vital systems and sensitive data has never faced such a stark context.