Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

APIs served as part of web and mobile applications are vital to enabling customers to interact with your business. However, it’s important to understand the impact on your business when these APIs are used in new, non-standard and potentially unintended ways. While APIs are usually written and intended for use with certain frontends (i.e. web application or mobile app), they are served publicly on the internet and are open to inspection by any interested party.

While all cybersecurity professionals agree that log management is integral for robust proactive and reactive security, managing the enormous amount of data logs can be a challenge. While you might be tempted to collect all logs generated from your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information.

From credential theft to network vulnerability exploitation and ransomware incidents on highly secure organizations, the year 2020 has been surprisingly rough on IT security. In the wake of the COVID-19 pandemic, companies around the world are reporting more cyberattacks than ever before, and although the techniques used or the method of attack may be new, the vectors of attack over the years remain unchanged.

It’s no secret: the number of security vulnerabilities organizations must contend with is overwhelming. According to a 2019 Risk Based Security report, there were 22,316 newly-discovered vulnerabilities last year. One Patch Tuesday disclosed a record number of 327 vulnerabilities in a single day. Just keeping up is becoming a monumental task. But knowing where and how your organization may be vulnerable is critical to maintaining a healthy security posture.

These vulnerabilities were observed to be critical in October 2020. Cyberint's Research Team recommends to patch and take the necessary steps immediately.

You’ve purchased a software composition analysis solution, and you’re excited to start scanning. Before you do, read our top tips for getting started with WhiteSource. Following some basic guidelines ensures your implementation gets off on the right foot.

Veracode’s Chris Wysopal and Chris Eng joined Enterprise Strategy Group (ESG) Senior Analyst Dave Gruber and award-winning security writer and host of the Smashing Security podcast, Graham Cluley, at Black Hat USA to unveil the findings from a new ESG research report, Modern Application Development Security.

The 2020 Devo SOC Performance ReportTM presents security professionals’ responses to a variety of survey questions related to people, processes, and technologies within their security operations center (SOC). One of the more interesting topics in the report is the role security automation technologies can play in improving SOC performance and alleviating analyst stress caused by overwork and performing repetitive, mind-numbing tasks, which can lead to analyst burnout.