Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CI DevSecOps Series - Level Up Your Tests

Apr 19, 2023 By Code Intelligence In Code Intelligence
Building secure and reliable APIs is an essential and challenging endeavor. Traditional API testing approaches perform blackbox testing and test the application through the network. This is both slow and lacks deep insights into how the tested application handles API requests. Also, it happens late in the software development lifecycle as it requires a complete application deployment.
View Video

Create and Run an Unauthenticated Dynamic Analysis of a Web Application

Apr 19, 2023 By Veracode In Veracode
In this video, you will learn how to create, configure, and schedule an unauthenticated Dynamic Analysis. An unauthenticated Dynamic Analysis scan is appropriate when the site you are scanning does not require a login. Veracode Dynamic Analysis also supports the scanning of websites that require authentication, such as login via a web form, browser-based, or NTLM.
View Video
elastic

Beyond the build: Why runtime security is critical for container protection

Apr 19, 2023 By Daniel Rohan In Elastic
Containers and microservices have changed the game: They allow organizations to ship apps faster and make better use of hardware. They encourage modular software design. And containers help teams embrace the cloud-native paradigms of scalability, mobility, and resilience. It’s safe to say that containers have shaken things up.
Read Post
salt security

Salt Unveils Enhancements to AI Algorithms for API Security

Apr 19, 2023 By Stephanie Best In Salt Security

We’re pleased to share that Salt has extended the capabilities of our powerful AI algorithms, further strengthening the threat detection and API discovery abilities of the Salt Security API Protection Platform. (Check out today’s announcement.) Here at Salt, we always look forward to the RSA Conference, but this year we are doubly excited to attend and showcase these new advanced capabilities! Salt invests significant resources into the continued innovation of our API security platform.

Read Post
indusface

The Ultimate API Penetration Testing Checklist

Apr 19, 2023 By Indusface In Indusface
When was the last time your organization conducted an API security assessment? And did you have the framework and resources to do so? Now more than ever, companies need to know where their APIs are vulnerable to malicious actors. Check out the API Penetration Testing checklist, which outlines how to conduct an effective API security assessment for your organization.
Read Post
knowbe4

That Email Isn't from the New Jersey Attorney General

Apr 19, 2023 By Stu Sjouwerman In KnowBe4

Earlier this month, state employees in the US state of New Jersey began receiving emails that falsely represented themselves as originating with the state’s attorney general. “At first blush, the communiques appeared to come from the state Attorney General's Office and sported a convincing njoag.gov domain.

Read Post
knowbe4

Guarding Against AI-Enabled Social Engineering: Lessons from a Data Scientist's Experiment

Apr 19, 2023 By Stu Sjouwerman In KnowBe4

The Verge came out with an article that got my attention. As artificial intelligence continues to advance at an unprecedented pace, the potential for its misuse in the realm of information security grows in parallel. A recent experiment by data scientist Izzy Miller shows another angle. Miller managed to clone his best friends' group chat using AI, downloading 500,000 messages from a seven-year-long group chat, and training an AI language model to replicate his friends' conversations.

Read Post
Zenity

Where There's No Code, There's No SDLC

Apr 19, 2023 By Michael Bargury In Zenity

When developing applications, organizations rely heavily on the software development lifecycle (SDLC) to engrain security into the development process early and continuously. The SDLC lays out how to build security into early steps as developers are creating and testing applications. As such, organizations are able to embed security practices when it matters most.

Read Post
cyberark

Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation - Part 2

Apr 19, 2023 By Eviatar Gerzi In CyberArk

In the previous blog post, we described how the Docker research started and showed how we could gain a full privilege escalation through a vulnerability in Docker Desktop. In this follow-up blog post, we will show the other vulnerable functions we were able to exploit.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.