Vulnerability assessment tools scan assets for known vulnerabilities, misconfigurations, and other flaws. These scanners then output reports for IT security and application development operations (Dev...
GitHub has announced new features that could improve both developers’ experience and supply chain security.
The “private vulnerability” reports announced at GitHub Universe 2022 will allow open-so...
Patch management is all about helping organizations manage the process of patching software and applications. It encompasses functions such as testing patches, prioritizing them, deploying them, veri...
In the ever-evolving fight against data loss, data breaches, and data theft in the 21st century, organizations worldwide have turned to a number of cybersecurity solutions, services, and software in ...
With two high-profile breaches this year, Okta, a leader in identity and access management (IAM), made the kind of headlines that security vendors would rather avoid. After seeing headlines like thes...
For years the tech industry has promised a shift toward a passwordless future. In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology....
Whether it’s package hijacking, dependency confusing, typosquatting, continuous integration and continuous delivery (CI/CD) compromises, or basic web exploitation of outdated dependencies, there are ...
Continuous integration and development (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain, according to NCC researchers.
The presentation at last week's...
Many of the basic principles for securing a data lake will be familiar to anyone who has secured a cloud security storage container. Of course, since most commercial data lakes build off of existing ...
Even the most advanced and sophisticated security tools are failing to protect against ransomware and data exfiltration, according to a new report from data encryption vendor Titaniam.
The St...