%term

OWASP Top 10: API Security Threats

Feb 22, 2022 By Indusface In Indusface

It’s no secret that APIs are under attack. Companies are struggling to keep their APIs safe and secure from accidental breaches to malicious hacks. The problem will only worsen as APIs become more complex and more companies rely on them for critical business functions. The security risks increase exponentially. About Indusface: Indusface is a SaaS company that secures critical Web applications of 2000+ global customers using its award-winning platform that integrates Web application scanner, Web application firewall, CDN, and threat information engine.

View Video

Indusface

Read more about OWASP Top 10: API Security Threats

4 Best Practices to Reduce Zero Day Exploits

Feb 22, 2022 By Indusface In Indusface

As cybercrime is rising by the hour, security is a huge concern for everyone today. One of the most effective ways to protect the systems from being hacked is detecting and fixing the vulnerabilities. However, now attackers began to take advantage of security flaws known only to them. Zero-day exploits are very difficult to prepare for as they’re quite unpredictable.

View Video

Indusface

Read more about 4 Best Practices to Reduce Zero Day Exploits

CVE-2022-23628, OPA and Styra DAS

Feb 21, 2022 By Torin Sandall In Styra

CVE-2022-23628 was published last week by the Open Policy Agent (OPA) project maintainers after a user reported unexpected behavior from a policy bundle that was built with optimizations enabled. The problem stemmed from a regression fix in the v0.33.1 release that addressed incorrect pretty-printing of Rego object literals by the `opa fmt` command and the underlying `format` package.

Read Post

Styra

Read more about CVE-2022-23628, OPA and Styra DAS

Conveniently insecure: the tradeoff between security and convenience

Feb 21, 2022 By Martin Jartelius, CSO In Outpost 24

When it comes to making business decisions about new technologies and software adoption into your organization – it’s vital to work with your security team to balance the need for speed without sacrificing security.

Read Post

Outpost 24

Read more about Conveniently insecure: the tradeoff between security and convenience

What you need to know about Log4Shell

Feb 17, 2022 By Emily Davignon In AT&T Cybersecurity

Photo by ThisIsEngineering from Pexels Considered one of the largest exploitable vulnerabilities in history, Log4Shell affects many as Log4J is one of the most extensively used logging libraries. An issue that has existed for almost a decade but just recently was discovered, Log4Shell leaves companies vulnerable to the full extent of these attacks. AT&T Alien Labs blogged about the vulnerability back in December 2021, with more technical detail.

Read Post

AT&T Cybersecurity

Read more about What you need to know about Log4Shell

Welcoming Fugue as we build the future of developer-first cloud security

Feb 17, 2022 By Guy Podjarny In Snyk

Today, I am excited to announce Snyk’s acquisition of Fugue and welcome their team to the Snyk family. The addition of Fugue to Snyk’s platform will allow us to continue our mission to help developers find and fix security issues in the applications they create, by providing visibility into the security of applications and the cloud services they use. But it’s about more than just visibility of the cloud posture.

Read Post

Snyk

Read more about Welcoming Fugue as we build the future of developer-first cloud security

CVE-2022-24086 Vulnerability alert for websites using Magento Ecommerce

Feb 17, 2022 By DeveloperSteve In Snyk

Magento has been a much used and loved e-commerce platform since its initial release in 2008. One of the things I’ve always loved about Magento is its ability to grow as ecommerce businesses grow. Starting as a self-hosted version (which I’ve used extensively as a developer over the years), Magento now has clear support and management options available via Adobe or third party ecosystem partners.

Read Post

Snyk

Read more about CVE-2022-24086 Vulnerability alert for websites using Magento Ecommerce

How to Automate Workflows with Falcon Spotlight

Feb 17, 2022 By CrowdStrike In CrowdStrike

Description: In this video, we will see how CrowdStrike customers can integrate Falcon Spotlight with their existing ticketing tools to orchestrate the remediation of vulnerabilities.

View Video

CrowdStrike

Read more about How to Automate Workflows with Falcon Spotlight

How to Perform a Comprehensive Network Vulnerability Assessment

Feb 17, 2022 By Eyal Katz In Spectral

Despite growing awareness and prioritization of cybersecurity, close to 22,000 vulnerabilities were published in 2021 alone. This concerning number proves that awareness and a willingness to invest in cybersecurity aren’t always enough to protect your organization’s network, and that network vulnerability is far from a problem of the past. To protect your networks, you need to continually monitor and assess their potential vulnerabilities to guarantee security.

Read Post

Spectral

Read more about How to Perform a Comprehensive Network Vulnerability Assessment

How to Perform a Comprehensive Network Vulnerability Assessment

Feb 17, 2022 By Eyal Katz In Spectral

Despite growing awareness and prioritization of cybersecurity, close to 22,000 vulnerabilities were published in 2021 alone. This concerning number proves that awareness and a willingness to invest in cybersecurity aren’t always enough to protect your organization’s network, and that network vulnerability is far from a problem of the past. To protect your networks, you need to continually monitor and assess their potential vulnerabilities to guarantee security.

Read Post