%term

PTaaS guide | Choosing the right test environment

May 16, 2024 By Marcus White In Outpost 24

A major challenge for developing modern applications is ensuring their security. Penetration Testing as a Service (PTaaS) is a cloud-enabled approach that lets you proactively find and fix application vulnerabilities and protect your digital assets. A key step to using a PTaaS solution is selecting the right testing environments. This guide will help you understand the pros and cons of different testing environments, and decide which is best for your organization.

Read Post

Outpost 24

Read more about PTaaS guide | Choosing the right test environment

The xz apocalypse that almost was*

May 16, 2024 By Ben Edwards In BitSight

It’s been a while since I’ve blogged. Things have been busy; Bitsight released a great report authored by yours truly on CISA’s KEV catalog. It’s really great if I do say so myself so I highly recommend going and giving it a glance.

Read Post

BitSight

Read more about The xz apocalypse that almost was*

OWASP Top 10 | A07: 2021 - Identification & Authentication Failures

May 16, 2024 By VISTA InfoSec In VISTA InfoSec

Identification and authentication policies are very important in safeguarding digital assets, protecting privacy, ensuring regulatory compliance, fostering trust, and mitigating risks in today's interconnected and data-driven environments. But some organizations are lax in implementing these policies creating security risks for them and the data of the people stored there. Today we will learn about the various ways in which cybercriminals steal dat and how organizations can prevent it.

View Video

VISTA InfoSec

Read more about OWASP Top 10 | A07: 2021 - Identification & Authentication Failures

Top 5 VS Code Security Extensions - ESLint

May 16, 2024 By Snyk In Snyk

Watch the full video for more... About Snyk Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video

Snyk

Read more about Top 5 VS Code Security Extensions - ESLint

CTI Roundup: Q1 Exploit Trends, HijackLoader, & the State of Pentesting

May 15, 2024 By Tanium In Tanium

Kaspersky reveals the top exploit and vulnerability trends for the first quarter of 2024, HijackLoader evolves with new evasion techniques, and Cobalt releases its 2024 State of Pentesting report.

Read Post

Tanium

Read more about CTI Roundup: Q1 Exploit Trends, HijackLoader, & the State of Pentesting

Symmetric vs. asymmetric encryption: Practical Python examples

May 15, 2024 By Josh Amata In Snyk

Symmetric and asymmetric encryption are the two most common ways to protect sensitive data with cryptography. These methods use key(s) to transform an unencrypted message into an encrypted message (a ciphertext) that is extremely difficult to decrypt without the correct key(s). Symmetric encryption uses a single key to encrypt and decrypt data. In contrast, asymmetric encryption uses a pair of keys, a public and private key, to encrypt and decrypt sensitive data.

Read Post

Snyk

Read more about Symmetric vs. asymmetric encryption: Practical Python examples

Top 5 VS Code Security Extensions - 1Password

May 15, 2024 By Snyk In Snyk

Watch the full video for more... About Snyk Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video

Snyk

Read more about Top 5 VS Code Security Extensions - 1Password

Cyber Defense Magazine names Forward Networks a Market Leader in Vulnerability Assessment, Remediation and Management at 12th annual Global Infosec Awards

May 15, 2024 By Dawn Slusher In Forward Networks

During a very busy RSA Conference, Forward Networks was named a market leader in vulnerability assessment, remediation, and management at the 12th annual Global Infosec Awards hosted by Cyber Defense Magazine. This is the second consecutive year that Forward Networks has taken top honors in security.

Read Post

Forward Networks

Read more about Cyber Defense Magazine names Forward Networks a Market Leader in Vulnerability Assessment, Remediation and Management at 12th annual Global Infosec Awards

NVD Update: More Problems, More Letters, Some Questions Answered

May 15, 2024 By AJ Starita In Mend

The past week has been a wild ride for those following all the hot goss’ on the National Vulnerability Database. Previously on The Code and the Vulnerable, we reported on the NVD slowdown that began in mid February. Since then, the NVD has been adding new CVEs, but has only enriched (with important information like CVSS and CPE) a very small fraction of them. If you need a breakdown of all these acronyms, definitely check out that first blog on this topic.

Read Post

Mend

Read more about NVD Update: More Problems, More Letters, Some Questions Answered

AppSec spring cleaning checklist

May 13, 2024 By Mariah Gresham In Snyk

Something about the springtime sunshine and blooming flowers inspires many of us to start cleaning. For some, it might be tackling the backyard shed that accumulated cobwebs over the winter or that overflowing junk drawer in the corner of the kitchen. As you survey your home and yard and decide where to start cleaning, it’s also a great time to look at your application security program and see if any of your existing processes need some tidying up. Here are a few great places to start.

Read Post