The tide of change that’s washed over the world in the past few years has had sweeping implications for how we live and work. It’s estimated that 26% of American workers were fully remote in 2021 and that number has increased with 47% Americans work...
A common topic of conversation we have with software developers is how to reliably and accurately scan code for vulnerabilities while minimizing the number of false positives. And when false positives do appear, how can they be excluded from the code assessme...
The application security world is constantly under attack. One of the most common attacks comes in the form of hacker groups. These notorious hacking groups are often organized and motivated by political or social agendas. While some hacker groups pull relati...
One of the key benefits of cloud computing is that it has given organizations the ability to more quickly accelerate applications to market, providing increased business agility. That means organizations can potentially reach the market faster than ever befor...
Threat actors have been using GitHub’s repojacking flaw to hijack and inject thousands of repositories with malicious code. This flaw has yet to be fixed, meaning GitHub users will likely see more of these attacks soon. Luckily, there are ways to prevent...
With the rise of collaborative software development environments, it’s more important than ever to ensure that code quality and security are top priorities. After all, when multiple developers are working on a project, one bad actor can easily ruin things for...
Implementing a comprehensive security framework requires a strategy that brings security to the front of every stage of the development process — and zero trust is the answer. Here’s how it’s done … The Ponemon Institute recently collaborated with IBM in thei...
For the first time in the survey’s history, respondents to the Allianz Risk Barometer cited cyber incidents as their number one concern for 2022. This worry isn’t surprising, considering cybercriminals are getting bolder in their exploits. Lately, n...
Researchers recently announced the presence of a gaping security hole in Spring, a framework widely used by organizations developing Java applications. Designated CVE 2022 2965 and nicknamed SpringShell, the substantial chink in the collective Java ...
Organizations are now scanning for security vulnerabilities at a rate 20 times faster than just a few years ago. The increase in scanning activity is driven by several factors, including the growing use of automated scanning tools, the proliferation...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operational requirements for establishing security measures around payment security. It replaced a...
On March 31, 2022, the PCI Security Standards Council (PCI SSC) released the latest version of the PCI Data Security Standard (PCI DSS), outlining technical and operational requirements for establishing security measures around payment security. It replaced a ...