Industry Insights

Cloud Security

Enhancing Cloud Security on AWS

Frederick Harris, Senior Director, Products & Solutions Marketing, Fortinet • September 12, 2023

How does an organization achieve peace of mind with security while overcoming the challenges of complex hybrid and multi-cloud networks? Here are the top reasons why your organization should consider implementing a cloud-native firewall service to protect your AWS environments and applications.

API Security

5 Reasons Why You Need API Security Testing

Shay Levi • August 28, 2023

APIs have become increasingly popular as they are used to connect different systems, services and applications. But this makes them an attractive target for cybercriminals who want to exploits flaws and access sensitive data. Here are five critical reasons you need to conduct API security testing.

AI in XDR: When Does It Make Sense?

AJ Shipley, Vice President, Product - Threat Detection & Response • August 8, 2023

ChatGPT set the world on fire six months ago, and since then a slew of companies have released features or products built on or around generative AI - some of them completely legitimate and some of them little more than snake oil. Does AI makes sense everywhere for everything? Absolutely not.

Cisco Secure Access: SSE That Enables the Business

Jeff Scheaffer, Vice President of Product Management (SSE, SASE and Security Cloud) • August 8, 2023

Cisco Secure Access is a security service edge solution that delivers zero trust access to efficiently solve today's challenge of safely connecting anything to anywhere and reimagines the experience to make it better for users, easier for IT and safer for everyone.

API Security

How to Block API Attacks in Real Time

Shay Levi • August 3, 2023

Real-time protection against API attacks is nonnegotiable for the protection of any web application or digital service that relies on application programming interfaces. Here are some of the most common types of API attacks and strategies for protecting against them in real time.

Application Security & Online Fraud

What You Should Know About Open Source License Compliance for M&A Activity

Sam Quakenbush • August 1, 2023

Companies are increasingly concerned about the security of applications built on open source components, especially when they’re involved in mergers and acquisitions. Just like copyright for works of art, each piece of open source software has a license that states legally binding conditions for its use. Licenses...

Application Security & Online Fraud

Why Open Source License Management Matters

Adam Murray • August 1, 2023

The ongoing rise in open source vulnerabilities and software supply chain attacks poses a growing threat to businesses, which heavily rely on applications for success. Between 70 and 90 percent of organizations’ code base is open source, while vulnerabilities such as Log4j have significantly exposed organizations...

Application Security

Every Application Journey Needs a Cybersecurity Platform

Vince Hwang, Senior Director, Products & Solutions, Fortinet • July 28, 2023

Application journeys are fluid in practice because applications can live anywhere. Complex deployments with too many tools to configure and manage and overwhelmed IT teams lead to mistakes, so organizations should take a cybersecurity mesh platform approach to securing their application journeys.

What Generative AI Means for Security

Michiel Prins, Co-founder of HackerOne • July 24, 2023

What does generative AI mean for security? In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for security. We also will see an outsized explosion in new attack surfaces. HackerOne can help you prepare your defenses.

Anti-Phishing, DMARC

When Cybercriminals Go Phishing, Emails Get the Most Bites

Troy Gill • July 20, 2023

Despite the significant advances technology has made over the past few years, email remains one of the best tools for cybercriminals. Training is just one piece of the puzzle. The best defense against today's cybercrime landscape is a multilayered security strategy.

Governance & Risk Management

Understanding Your Adversary

Dave Bailey, Vice President of Consulting Services, Clearwater • July 18, 2023

Resilience, not just compliance, is becoming healthcare's primary goal in managing cyber risk. Moving to a more resilient state requires continuous cyber risk management, which requires knowing how an adversary thinks and attacks to ensure that the appropriate safeguards are in place.

API Security

How to Shop for an API Security Platform

Shay Levi • July 13, 2023

API security platforms have become an essential part of any organization's cybersecurity strategy, but with so many options available, it can be difficult to know how to choose the right one. In this article, we'll discuss how to evaluate API security platforms and what factors to consider.

Application Security

Leveraging Usage-Based Licensing

Vince Hwang, Senior Director, Products & Solutions, Fortinet • July 10, 2023

Traditional licensing models that lock organizations into fixed solutions or time periods are no longer ideal. Organizations need to consider usage-based licensing approaches that offer flexibility to deploy whatever solutions are required, wherever they are needed, for whatever length of time.

API Security

Application Security Testing vs. API Security Testing

Shay Levi • June 27, 2023

Application security testing, or AST, and API security testing are important components of a comprehensive cybersecurity strategy. We'll discuss the application and API security best practices for each type of testing, the use cases, and how they protect your business from cyberattacks.

API Security

Why Manual API Discovery Is Impossible

Shay Levi • June 7, 2023

Manual API discovery is impossible due to the sheer number of APIs available, their constant changes, poor documentation, different formats and protocols, and different authentication and security requirements. Given these challenges, the solution is to use automated API discovery tools.