In the latest weekly update, the former federal CISO, Grant Schneider, joins three editors at ISMG to discuss important cybersecurity issues, including advice for the next White House cyber director and liability concerns facing CISOs following SolarWinds and its CISO being accused of fraud.
In today's data-driven world, organizations rely on a multitude of applications to drive business operations and deliver exceptional user experiences. However, managing and controlling application usage can be a daunting task. App Control is a comprehensive tactic that empowers organizations to take control of their...
How can generative artificial intelligence be adapted to automatically find and fix software vulnerabilities in critical code? Finding answers to that question is one of the "exciting prospects" tied to the AI Cyber Challenge recently announced by the White House, said NCC Group's Chris Anley.
As the world witnesses explosive growth in APIs, security teams find themselves in a race against time. APIs, the key to accelerating product delivery and enhancing customer experiences, also pose a formidable challenge for security leaders. In the digital landscape, data breaches and leaks through APIs have made...
The financial services industry is a prime target for cyberattacks due to its access to sensitive data and financial resources. As digital transformation accelerates, financial institutions face an expanded attack surface and increasingly sophisticated threats. To effectively manage security risks and comply with...
In the dynamic realm of web applications and APIs, safeguarding them from the clutches of bad bots, DDoS assaults, code injection, and vulnerabilities is a paramount mission for organizations. But what happens when you need to build robust security fortresses with a tight budget and a team that's growing at a snail's...
ASPM was introduced to help organizations consolidate and optimize their AppSec programs. But with dozens of vendors embracing the term, and approaching the problem in a multitude of ways, there’s a lot of confusion about what to look for in an enterprise ASPM solution.
ASPM solutions are designed to deliver...
A software supply chain security startup led by a longtime Google Cloud engineer closed a Series B round to help protect more open-source software. Seattle-area Chainguard said it can secure approximately 80% of the open-source software existing customers run in their enterprise today.
Finding a SIEM that's easy, scalable, affordable, and detects threats in real-time is complex with all the jargon out there, so we are making it easy for you.
We'll show you how to ditch your legacy SIEM and upgrade to a modern SIEM that provides real-time visibility from day one and start detecting your first...
A Georgia-based firm that provides administrative services for health plans is among the latest firms reporting a major health data hack involving their use of Progress Software's MOVEit file transfer software. NASCO joined a growing list of health sector vendors hit by MOVEit hacks.
Snyk purchased a Portuguese startup founded by SonarSource and European Parliament veterans to help developers contribute to code bases more quickly. The Boston-based developer security vendor said its buy of Porto-based Reviewpad will help developers secure pull requests.
In the latest "Proof of Concept," DXC Technology IT CISO and CyberEdBoard member Mike Baker and Chris Hughes, co-founder and CISO of Aquia, join ISMG editors to discuss benefits, challenges and misconceptions of adopting open-source software in modern code bases - plus best practices for securing them.
In recent years, the adoption of public cloud infrastructures has surged, providing organizations with unparalleled flexibility and scalability. But this shift has also introduced a new set of challenges when it comes to protecting web applications and APIs that are hosted on these platforms.
Threat actors are exploiting another zero-day flaw in Cisco's IOS XE software to implant a malicious backdoor. The IOS XE operating system runs on a wide range of Cisco networking devices, including routers, switches, wireless controllers, access points and more.
In the modern, API-driven era — where 26 to 50 APIs power the average application — API security couldn’t be more important. Unsecured APIs make easy targets for bad actors searching for exposed application logic, resources, and sensitive data.
But despite having multiple API security products in place, 92% of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
