Vulnerability

OWASP Top 10: Cryptographic failures

Feb 13, 2023 By Synopsys Cybersecurity Research Center In Synopsys

Listed as #2 on the OWASP Top 10 list, cryptographic failures expose sensitive data due to a lack of or weak encryption. Many of the web and mobile applications you use daily require you to input sensitive information. Cryptography offers tools that can be used to safeguard sensitive data and securely transfer it across the internet. Cryptography is powerful but it must be used properly to be effective.

Read Post

Synopsys

Read more about OWASP Top 10: Cryptographic failures

Vulnerability Management Within Slack by Astra Security

Feb 13, 2023 By Astra In Astra

We've brought security to your workplace Astra users can now manage their security within Slack 🥳 You can stay on top with alerts about the target, manage vulnerabilities and collaborate with Astra's security experts - right within Slack

View Video

Astra

Read more about Vulnerability Management Within Slack by Astra Security

Sleepless Nights Due to Malware

Feb 11, 2023 By Indusface In Indusface

This podcast is hosted by Venkatesh Sundar, founder at Indusface, with our guest Kashish Jajodia CTO at Draup. Kashish learned the importance of #cyber #security from an interesting experience, which led him to build a robust SaaS application that supports some multi-million dollar customers 🧳. In this session, Kashish talks to Venky about how he looks at vulnerability assessment, penetration testing, and application security. What drives Draup to look at application security? Is it for building trust with their customers or compliance needs?

View Video

Indusface

Read more about Sleepless Nights Due to Malware

Automated Fuzzing | How You Can Find the Log4j Vulnerability in Less Than 10 Minutes

Feb 10, 2023 By Code Intelligence In Code Intelligence

While most developers rely on unit testing to test whether their application behaves as expected, complementary testing approaches such as automated fuzz testing can enable them to also check their applications for unexpected or strange behaviors that could lead to crashes and make them vulnerable to Denial of Service (Dos) attacks or Zero-Day exploits, or Remote Code Execution (RCE) attacks such as the recent Log4j vulnerability.

View Video

Code Intelligence

Read more about Automated Fuzzing | How You Can Find the Log4j Vulnerability in Less Than 10 Minutes

35 Cyber Security Vulnerability Statistics, Facts In 2023

Feb 10, 2023 By Nivedita James In Astra

A vulnerability is a state of being exposed to the possibility of an attack. In the context of cyber security, vulnerabilities are software bugs that can expose your systems to threats like malware infection, DDoS attacks, injections, and ransomware attacks.

Read Post

Astra

Read more about 35 Cyber Security Vulnerability Statistics, Facts In 2023

What Is Vulnerability: An In-Depth Understanding

Feb 10, 2023 By Nivedita James In Astra

The number of devices, systems, and assets that are reliant on the internet is increasing by the day. From the POV of an attacker, this is a gold mine.

Read Post

Astra

Read more about What Is Vulnerability: An In-Depth Understanding

OWASP API1: 2019 - Broken Object Level Authorization

Feb 9, 2023 By Indusface In Indusface

Are you leaving your APIs vulnerable to attacks? OWASP revealed that Broken Object Level Authorization is among the top 10 most critical API security risks list. It is number 1 on OWASP API Top 10, 2019. Even large companies like Facebook, Uber, and Verizon, with thousands of engineers and dedicated security teams, have experienced BOLA attacks. Before diving into Broken Object Level Authorization, here are a few terms you’ll need to be familiar with.

Read Post

Indusface

Read more about OWASP API1: 2019 - Broken Object Level Authorization

Prevent Inadvertent Software Supply Chain Exposures When Allowing Public Access to Private Registries

Feb 9, 2023 By Sean Pratt In JFrog

At JFrog, we’re serious about software supply chain security. As a CVE Numbering Authority, our JFrog Security Research team regularly discovers and discloses new malicious packages and vulnerabilities posing a threat to development organizations. We know that in order to deliver trusted software on demand, you must have a secure software supply chain — making security a priority in everything we do.

Read Post

JFrog

Read more about Prevent Inadvertent Software Supply Chain Exposures When Allowing Public Access to Private Registries

CSPRNG: Random algorithms need security too!

Feb 9, 2023 By Michael Biocchi In Snyk

If I throw a coin high up in the air, I know the outcome — it will either be heads or tails. However, I can’t predict which it will be. I will certainly be able to guess with a 50% chance, but I can’t be 100% certain. If I were to roll a die, my certainty becomes less (1 in 6). However, I still know what the output could be. Computers are great at many things, especially predictability. They are deterministic and creating a truly random number is impossible.

Read Post

Snyk

Read more about CSPRNG: Random algorithms need security too!

Vulnerability Management Software Comparison: Top 10 Tools

Feb 9, 2023 By Nivedita James In Astra

Vulnerability Management refers to the systematic approach to the identification, classification, and remediation of vulnerabilities across various cyber systems.

Read Post