Technology

OWASP Top 10 for LLM Applications: A Quick Guide

Apr 10, 2024 By AJ Starita In Mend

Published in 2023, the OWASP Top 10 for LLM Applications is a monumental effort made possible by a large number of experts in the fields of AI, cybersecurity, cloud technology, and beyond. OWASP contributors came up with over 40 distinct threats and then voted and refined their list down to the ten most important vulnerabilities.

Read Post

Mend

Read more about OWASP Top 10 for LLM Applications: A Quick Guide

What does IAM PassRole do and How to Set it Up

Apr 10, 2024 By Eyal Katz In Spectral

95% of cloud security fails are due to internal slip-ups. One wrong password, one sloppy permission, and your sensitive data are out in the open. Thankfully, AWS gives you tools to fight back. IAM lets you control who does what, down to the finest detail. And IAM PassRole? It prevents sneaky permission grabs that put your data at risk.

Read Post

Spectral

Read more about What does IAM PassRole do and How to Set it Up

Cloudflare and Booz Allen Hamilton Now Delivering Rapid Incident Response for Enterprises Under Attack

Apr 9, 2024 By Cloudflare In Cloudflare

Cloudflare onboards enterprises under attack through Booz Allen collaboration, a fast track to Cloudflare's industry-leading Incident Response and DDoS mitigation.

Read Post

Cloudflare

Read more about Cloudflare and Booz Allen Hamilton Now Delivering Rapid Incident Response for Enterprises Under Attack

Securing the software supply chain with Black Duck Supply Chain Edition

Apr 9, 2024 By Mike McGuire In Synopsys

Each year, our "Open Source Security and Risk Analysis” (OSSRA) report highlights the fact that open source software (OSS) plays a critical and substantial role in modern application development, and it is therefore foundational to the software supply chain. The prevalence of OSS within commercial applications makes it difficult to track, and that makes it difficult to manage the risk that it may introduce.

Read Post

Synopsys

Read more about Securing the software supply chain with Black Duck Supply Chain Edition

Mitigate Upstream Risk in your Software with Black Duck Supply Chain Edition | Synopsys

Apr 9, 2024 By Synopsys In Synopsys

In this video, we introduce the new Black Duck Supply Chain Edition, which provides a full range of supply chain security capabilities to teams responsible for building secure, compliant applications. With third-party SBOM import and analysis, malware detection, and export options in SPDX or CycloneDX formats, teams can establish complete supply chain visibility, identify and mitigate risk, and align with customer and industry requirements.

View Video

Synopsys

Read more about Mitigate Upstream Risk in your Software with Black Duck Supply Chain Edition | Synopsys

CrowdStrike and Google Cloud Expand Strategic Partnership to Deliver Unified Cloud Security

Apr 9, 2024 By Cody Queen In CrowdStrike

CrowdStrike and Google Cloud today debuted an expanded strategic partnership with a series of announcements that demonstrate our ability to stop cloud breaches with industry-leading AI-powered protection. These new features and integrations are built to protect Google Cloud and multi-cloud customers against adversaries that are increasingly targeting cloud environments.

Read Post

CrowdStrike

Read more about CrowdStrike and Google Cloud Expand Strategic Partnership to Deliver Unified Cloud Security

Who's responsible for AI? Verity Harding on AI policy and ethics

Apr 9, 2024 By Jenn Marshall In 1Password

Who’s responsible for regulating technological change in a democracy?

Read Post

1Password

Read more about Who's responsible for AI? Verity Harding on AI policy and ethics

Security at the Speed of Cloud

Apr 9, 2024 By Datadog In Datadog

Cloud native technologies have empowered engineering teams to innovate rapidly: from releasing a few times a year to several times a day. This means security assessment have to be done continuously. To achieve this, developer, operation, and security teams have to collaborate in novel ways. Instead of communicating through backlogs, they need to work towards shared objectives. From processes to tooling, teams have to rethink the way they approach security, share context, and improve the security posture of their organization.

View Video

Datadog

Read more about Security at the Speed of Cloud

Tracing history: The generative AI revolution in SIEM

Apr 9, 2024 By Mike Nichols, In Elastic

The cybersecurity domain mirrors the physical space, with the security operations center (SOC) acting as your digital police department. Cybersecurity analysts are like the police, working to deter cybercriminals from attempting attacks on their organization or stopping them in their tracks if they try it. When an attack occurs, incident responders, akin to digital detectives, piece together clues from many different sources to determine the order and details of events before building a remediation plan.

Read Post

Elastic

Read more about Tracing history: The generative AI revolution in SIEM

Report on changes to your security posture with Cloud Security Management

Apr 9, 2024 By Pronoy Chaudhuri In Datadog

Achieving and maintaining compliance in the cloud proves challenging for many organizations, as it is a complex, ongoing effort that includes safeguarding sensitive data and ensuring infrastructure resources are correctly configured. Success often hinges on the ability to monitor compliance-related trends over time, enabling organizations to spot risk patterns, gauge their current compliance posture, and adapt as new risks emerge. However, gathering this data can be difficult.

Read Post