%term

Error Message Vulnerabilities: Why They Matter and How to Prevent Them

Feb 28, 2025 By Harshit Agarwal In Appknox

Ever get one of those annoying error messages on your phone that gives way too much detail? You know, the ones that tell you the line of code that failed or the exact database query that crashed the app. As an app user, you may dismiss the message and move on. But did you know those overly verbose error messages could be exposing your personal data?

Read Post

Appknox

Read more about Error Message Vulnerabilities: Why They Matter and How to Prevent Them

Using VS Code Insiders to Generate a Script...

Feb 28, 2025 By Snyk In Snyk

Using VS Code Insiders to Generate a Script...

View Video

Snyk

Read more about Using VS Code Insiders to Generate a Script...

Leveraging Generative AI with DevSecOps for Enhanced Security

Feb 27, 2025 By Stephen Thoemmes In Snyk

AI has made good on its promise to deliver value across industries: 77% of senior business leaders surveyed in late 2024 reported gaining a competitive advantage from AI technologies. While AI tools allow developers to build and ship software more efficiently than ever, they also entail risk, as AI-generated code can contain vulnerabilities just like developer-written code. To enable speed and security, DevSecOps teams can adopt tools to integrate security tasks into developer workflows.

Read Post

Snyk

Read more about Leveraging Generative AI with DevSecOps for Enhanced Security

Solving Security Challenges with Snyk Code and Symbolic AI

Feb 27, 2025 By Liran Tal In Snyk

How good is Symbolic AI as an automated expert system for analyzing code paths and detecting security vulnerabilities? Snyk Code is tested and demonstrates the benefits of rule-based, algorithmic systems.

Read Post

Snyk

Read more about Solving Security Challenges with Snyk Code and Symbolic AI

AI Was NOT Helping

Feb 27, 2025 By Snyk In Snyk

AI Was NOT Helping.

View Video

Snyk

Read more about AI Was NOT Helping

How AI-Automated Fuzzing Uncovered a Vulnerability in wolfSSL

Feb 27, 2025 By Code Intelligence In Code Intelligence

Despite wolfSSL’s rigorous software testing practices, in October 2024, Code Intelligence—an application security vendor—discovered a potentially exploitable defect in wolfSSL. Remarkably, the potential vulnerability was found without human intervention. The only manual step was executing a single command to trigger autonomous fuzz testing. Watch the video for a live demo of AI-automated fuzzing.

View Video

Code Intelligence

Read more about How AI-Automated Fuzzing Uncovered a Vulnerability in wolfSSL

From Zero to CTEM: An Actionable Approach to the Five Stages

Feb 26, 2025 By Nucleus In Nucleus

Join Nucleus team members Tali Netzer, Head of Product Marketing, and Scott Koffer, COO and Co-Founder, as they navigate the intricacies of Continuous Threat Exposure Management (CTEM). In this webinar, they discuss the history of vulnerability management, the evolution to CTEM, and how it fundamentally changes the approach to cybersecurity. Learn about the five-step CTEM process, from scoping and prioritization to validation and mobilization.

View Video

Nucleus

Read more about From Zero to CTEM: An Actionable Approach to the Five Stages

Viral but Vulnerable: The Hidden Risks of Cybersecurity Misinformation on Social Media

Feb 26, 2025 By Martin Kraemer In KnowBe4

It's no surprise that 18–29-year-olds are turning to social media for cybersecurity information. As digital natives, this age group naturally gravitates toward platforms where information is fast, accessible, and constantly updated. But how effectively are they absorbing these short snippets—and are they likely to share it forward? More importantly, what happens if that cybersecurity information is inaccurate?

Read Post

KnowBe4

Read more about Viral but Vulnerable: The Hidden Risks of Cybersecurity Misinformation on Social Media

How Automated Penetration Testing Is Revolutionising Vulnerability Detection

Feb 26, 2025 By Kate Watson In Pentest People

As businesses rely more on technology, the need to identify and remediate vulnerabilities becomes ever more pressing to avoid devastating breaches. Automated penetration testing offers a revolutionary approach to vulnerability detection, utilising cutting-edge tools to mimic hacker behaviour and uncover weaknesses in systems. This method not only enhances the efficiency of assessments but also significantly reduces the time and resources required compared to traditional penetration testing.

Read Post

Pentest People

Read more about How Automated Penetration Testing Is Revolutionising Vulnerability Detection

Does Claude 3.7 Sonnet Generate Insecure Code?

Feb 26, 2025 By Stephen Thoemmes In Snyk

With the announcement of Anthropic’s Claude 3.7 Sonnet model, we, as developers and cybersecurity practitioners, find ourselves wondering – is the new model any better at generating secure code? We commission the model to generate a classic CRUD application with the following prompt: The model generates several files of code in one artifact, which the user can manually copy and organize according to the file tree suggested by Claude alongside the main artifact.

Read Post