APIs Explained: Bridging Backend and Frontend #startup #event #bsidesahmedabad #cybersecurity
APIs Explained: Bridging Backend and Frontend #startup #event #bsidesahmedabad #cybersecurity.
Your Margins Are Under Attack. Here's How to Fight Back.
MSSPs don’t succeed because of the vendors they choose or the SIEM they prefer. They succeed when their operating model scales profitably. Yet most industry content feels like sales brochures, comparing one tool to another. The truth is, successful providers use many combinations of vendors. What separates winners from losers isn’t which tools they pick, it’s the foundation they build on.
SonicWall Warns Customers of Data Exposure Incident Affecting MySonicWall Configuration Backup Files
On September 17, 2025, SonicWall released a knowledge base article detailing the exposure of firewall configuration backup files stored in certain MySonicWall accounts. SonicWall states that after identifying the incident they began an investigation containing the incident, terminating the ‘unauthorized access point’, and working with law enforcement and select cybersecurity agencies globally.
AI Risk Management: Defining, Measuring, & Mitigating the Risks of AI
Artificial intelligence (AI) used to be something that only existed in science fiction novels and dystopian movies. Then, technology advanced, and it became a reality, being slowly implemented into experimental projects and niche use cases. Now, however, it is shaping real business outcomes, accelerating decisions and automating processes in ways that are becoming commonplace in daily market operations.
swampUP 2025 Recap: The Quantum Shift in Software Delivery Requires a Unified Approach
And that’s a wrap! Held in beautiful Napa Valley, swampUP 2025, JFrog’s annual customer conference brought together developers, operations, security, compliance, and AI/ML leaders – all facing the same burning challenges posed by the AI-driven quantum shift in software delivery. In the keynotes, breakout sessions, and side-conversations over wine and coffee, a common theme was made clear: a unified Software Supply Chain platform is essential to thrive in the new reality.
Detect Secrets in GitLab CI Logs using ggshield and Bring Your Own Source
Discover how to automatically detect secrets in GitLab CI logs using ggshield and GitGuardian's Bring Your Own Source initiative. Learn to set up real-time scanning to prevent credential leaks, enhance compliance, and secure your entire CI/CD pipeline from hidden risks.
The Psychological Toll of Working in Cybersecurity - When You Can't Unsee What You've Seen
Are you prepared for the psychological toll that comes with handling disturbing content in the cybersecurity world? Welcome to Razorwire, where today we’re exploring the realities behind a career in cyber — from technical warfare to the often-overlooked human cost. In this episode, I’m joined by therapist and consultant Eve Parmiter to examine the real psychological impact of repeated exposure to distressing material that many of us face during incident investigations, content moderation and threat research.
Why Should You Use Fidelis Halo to Secure Containers in Hybrid Cloud and DevOps Pipelines?
Containerized applications have become the backbone of modern digital services. They allow you to package applications and dependencies into portable units that can run anywhere—on-premises, in private clouds, or across public cloud platforms. But with this agility comes risk. Containers, like any other software, are prone to vulnerabilities.
CVE-2025-9242: Critical Unauthenticated Out-of-Bounds Write Vulnerability in WatchGuard Firebox
On September 17, 2025, WatchGuard released fixes for a critical out-of-bounds write vulnerability (CVE-2025-9242) in the iked process of WatchGuard Fireware OS, which powers their Firebox firewall appliances. This flaw allows a remote unauthenticated threat actor to execute arbitrary code and affects both the mobile user VPN with IKEv2 and the branch office VPN with IKEv2 when configured with a dynamic gateway peer.
Laying the groundwork: Building security foundations at the partial stage
Every mature security program starts somewhere. For many organizations—especially startups and early-stage companies—this is what the NIST Cybersecurity Framework (CSF) calls the partial stage. At this level, security is often reactive. Teams operate with minimal resources and ad-hoc processes, working hard to meet customer or compliance demands but without the structure or long-term strategy needed to scale.