A critical vulnerability, CVE-2024-9264, has been discovered in Grafana, the open-source analytics and visualization platform widely used by organizations worldwide. According to Netlas.io, over 100,000 Grafana instances may be vulnerable globally, with nearly 19,000 in the U.S. alone. This vulnerability poses significant risks, enabling remote code execution (RCE), allowing attackers to execute arbitrary system commands and access sensitive files.

The OWASP Top 10 is a research-based document that raises awareness among developers, organizations, and security professionals on the most critical security risks facing web applications. The latest is the OWASP Top 10 vulnerabilities 2021, released in September 2021 after a 4-year gap. In this article, the OWASP Top 10 vulnerabilities 2021 are explained in detail, along with ways to mitigate each.

From GDPR in Europe to CCPA in California, compliance officers and CISOs face a deluge of regulations, standards, and requirements. With every country, industry, and regulator demanding different levels of control, how can teams manage these complex requirements efficiently? In a recent virtual panel discussion, I had the opportunity to join Ashish Tandon, Founder & CEO of Indusface, where I highlighted essential strategies for CISOs to navigate these compliance complexities efficiently.

Security testing aims to find vulnerabilities and security weaknesses in the software/ application. By subjecting the software or application to controlled security scenarios, cyber security testing ensures that the system is adequately prepared to withstand attacks and unforeseen failures. Security experts and testers use different types of security testing to identify potential threats, measure the probability of exploitation of vulnerabilities, and gauge the overall risks facing the software/ app.

A reverse proxy is a server that sits between the client and the origin server. It accepts requests from clients and forwards them to the appropriate server. It also receives responses from the server and sends them back to the client. A reverse proxy is an essential component of web application infrastructure, providing a layer of abstraction between clients and origin servers to help optimize traffic routing and improve performance and security.

Compliance is a critical concern for businesses today, but navigating the rules can be overwhelming. With regulations constantly evolving, many organizations struggle to keep up. I had the opportunity to participate in a recent virtual panel with Ashish Tandon, Founder & CEO of Indusface. Over the years, I have consulted with multiple large enterprises across geographies and industries. Below are the top challenges that they face as far as compliance is concerned.