For the past 12 years in Austin, TX, the last week of October has been reserved for the Lonestar Application Security Conference (LASCON). Unequivocally, LASCON is the best cybersecurity conference you have never heard of! LASCON is the annual confab of the Austin, TX OWASP (the Open Worldwide Application Security Project) chapter. OWASP is a volunteer organization that is a treasure trove of application security information with things such as standards, discussion groups, documentation, and more.
For security researchers, there is a series of hurdles in raising a potential vulnerability well before the issue itself is widely recognized. Convincing the project maintainers that there is an issue becomes the first hurdle, even with a working example. At times, there is a thin and fuzzy line to a vulnerable path being identified as a bug rather than a security vulnerability.
Security Assertion Markup Language (SAML) is an XML-based framework that plays a pivotal role in enabling secure identity and access management. It acts as a trusted intermediary between various entities in a digital ecosystem, such as identity providers, service providers, and users. The primary purpose of SAML is to facilitate single sign-on (SSO), a seamless and efficient authentication process where a user can access multiple applications and services using a single set of credentials.
Delta Dental of California (DDC), Delta Dental Insurance Company, Delta Dental of Pennsylvania, and other subsidiaries may have exposed data; the compromised data is not a product of the organizations. Instead, the breach stems from a third-party servicer specializing in file management and transferring tools—MOVEit.
We’re proud that Snyk has been honored with inclusion on the inaugural Fortune Cyber 60 list as a top growth-stage company. The full list was unveiled late last week. In 2023, our industry encountered distinctive challenges, but the entire Snyk community demonstrated resilience and a steadfast commitment to our founding mission: empowering and equipping DevSecOps teams worldwide to build securely.
In modern web development, JSON Web Tokens (JWTs) have become a popular method of securely transmitting information between parties. JWTs are used for authentication and authorization and are often used to store user information. However, with the increasing use of JWTs come potential security risks that developers need to be aware of. As a developer, you are responsible for ensuring that your application is secure and user data is protected.