The latest security technology and best practices to secure software applications, vulnerabilities and code.
Passkeys are revolutionizing the way we log in to apps and websites. Learn how they work and their benefits now. Read more
Passkeys are a promising technology for passwordless authentication, and Google is leading the way. Read more
Learn how automated patch management works, best practices, the top tools, and how automated patching can help improve network security. Read more
Learn about the similarities and differences between patch and vulnerability management and what to look for in a solution. Read more
Open-source penetration testing tools are freely available software that help pentest teams identify areas of weakness in their systems. Teams often need a variety of tools to perform a full penetration test, so using the wide range of open-source pentesting tools helps them keep their costs down. And many pentesters are already familiar with well… Read more
Despite all of our investments in security tools, the codebase can be the weakest link for any organization’s cybersecurity. Sanitizing and validating inputs is usually the first layer of defense. Attackers have been using classic flaws for years with a pretty high success rate. While advanced threat actors have more sophisticated approaches such as adversarial… Read more
Andrej Karpathy is a former research scientist and founding member of OpenAI. He was also the senior director of AI at Tesla. Lately, he has been using Copilot, which leverages GPT-3 to generate code. He tweeted this about it: “Nice read on reverse engineering of GitHub Copilot. Copilot has dramatically accelerated my coding, it’s hard… Read more
Virtual patching uses policies, rules and security tools to block access to a vulnerability until it can be patched. Zero-day threats and legacy systems are two ways that vulnerabilities can be created for which no patch may exist for some time, if ever. In those cases, security teams can block a potential attack path until… Read more
Application security is the practice of securing software and data from hackers, whether that application comes from a third party or was developed in house, regardless of where it resides or how it’s accessed. As that definition spans the cloud and data centers, and on-premises, mobile and web users, application security needs to encompass a… Read more
GitHub has announced new features that could improve both developers’ experience and supply chain security. The “private vulnerability” reports announced at GitHub Universe 2022 will allow open-source maintainers to receive private issues from the community. Maintainers will be able to receive reports and collaborate with security professionals and all other issuers to patch vulnerabilities. Also… Read more