Latest from today

feature: 7 key trends defining the cybersecurity market today
Here’s what CISOs should know about the industry’s evolutions, as top vendors fortify platform strategies, upstarts attract VC investment, and product categories blur and emerge.
By Neal Weinberg | 04 Mar 2025 | 9 mins
Topics: Intrusion Detection Software, Security Information and Event Management Software, Venture Capital

feature: The CSO guide to top security conferences
By CSO Staff | 28 Feb 2025 | 10 mins
Topics: Application Security, Events, Technology Industry

feature: How organizations can secure their AI-generated code
By Andrada Fiscutean | 20 Jan 2025 | 10 mins
Topics: Application Security, Software Development

news: Black Hat: Latest news and insights
By CSO Staff | 16 Dec 2024 | 5 mins
Topics: Advanced Persistent Threats, Black Hat, Threat and Vulnerability Management

news: Amazon refuses Microsoft 365 deployment because of lax cybersecurity
By Evan Schuman | 16 Dec 2024 | 5 mins
Topics: Access Control, Application Security, Cloud Security

feature: How to turn around a toxic cybersecurity culture
By John Edwards | 13 Dec 2024 | 7 mins
Topics: Application Security, Data and Information Security, IT Training

feature: The 7 most in-demand cybersecurity skills today
By Eric Frank | 12 Dec 2024 | 11 mins
Topics: Application Security, Cloud Security, Compliance

news: Mitel MiCollab VoIP authentication bypass opens new attack paths
By Lucian Constantin | 05 Dec 2024 | 5 mins
Topics: Application Security, Threat and Vulnerability Management, Vulnerabilities

news analysis: Rising ClickFix malware distribution trick puts PowerShell IT policies on notice
By Lucian Constantin | 21 Nov 2024 | 6 mins
Topics: Malware, Phishing, Social Engineering

Articles

news: Misconfigurations can cause many Microsoft Power Pages sites to expose sensitive data
Organizations that develop websites with Microsoft Power Pages can accidentally overprovision database privileges for authenticated or anonymous users, leading to the exposure of sensitive records, a researcher has found.
By Lucian Constantin | 15 Nov 2024 | 7 mins
Topics: Application Security, Security Practices, Web Development

news: Beware malicious NPM packages, Checkmarx warns
‘Package confusion’ attack against NPM used to trick developers into downloading malware
By John E. Dunn | 07 Nov 2024 | 1 min
Topics: Application Security

feature: Top 5 security mistakes software developers make
As attacks continue to plague cybersecurity leaders, CSO has compiled a list of common mistakes by software developers that can be prevented.
By David Strom | 07 Nov 2024 | 10 mins
Topics: Application Security, DevSecOps

news: LLMs hallucinating non-existent developer packages could fuel supply chain attacks
Large language models could be exploited to launch waves of “package confusion” attacks, first major study into package hallucination finds.
By John E. Dunn | 02 Oct 2024 | 1 min
Topics: Application Security, Security

how-to: Download our AI security posture management (AI-SPM) enterprise buyer’s guide
Widespread adoption of generative AI across businesses has increased the need for contingencies, including AI security software. Here, we examine nine vendors’ tools that handle AI security posture management (AI-SPM).
By David Strom | 24 Sep 2024 | 1 min
Topics: Application Security, Enterprise Buyer’s Guides, Security Monitoring Software

analysis: The 18 biggest data breaches of the 21st century
Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
By Michael Hill, Dan Swinhoe and John Leyden | 12 Sep 2024 | 18 mins
Topics: Data Breach, Malware, Phishing

opinion: Application detection and response is the gap-bridging technology we need
There are many good reasons to embrace ADR as a security staple and a whole lot more why other technologies can’t address all the security needs of applications running out there in the wild.
By Chris Hughes | 12 Sep 2024 | 7 mins
Topics: Application Security, DevSecOps, Endpoint Protection

feature: What is OWASP? A standard bearer for better web application security
The Open Web Application Security Project (OWASP) is an international nonprofit dedicated to providing free documentation, tools, videos, and forums for anyone interested in improving the security of their web applications.
By Linda Rosencrance | 28 Aug 2024 | 8 mins
Topics: Application Security, IT Skills, Internet Security

opinion: Bug bounty programs take root in Russia — with possible far-reaching implications
International sanctions, IT isolation, and shifting attitudes to ethical hacking have bug bounty programs on the rise in Russia, with zero-day acquisition companies potentially poised to profit.
By Sarah Wiedemar | 27 Aug 2024 | 7 mins
Topics: Application Security, Technology Industry

feature: 6 hot cybersecurity trends — and 2 going cold
Artificial intelligence is altering not only the threat landscape but also how security teams can defend their organizations. But AI isn’t the only trend cybersecurity pros should be on top of.
By Neal Weinberg | 06 Aug 2024 | 11 mins
Topics: Authentication, Passwords, Phishing

feature: NHIs may be your biggest — and most neglected — security hole
Because IT has so little visibility into non-human identities, attackers are increasingly seeking them out as ultra-easy onramps to everything of value in your enterprise. The solution? Stop treating NHIs as though they are another human end-user.
By Evan Schuman | 23 Jul 2024 | 9 mins
Topics: Application Security, Identity and Access Management, Network Security

news analysis: Python GitHub token leak shows binary files can burn developers too
Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub.
By Lucian Constantin | 11 Jul 2024 | 5 mins
Topics: Application Security, DevSecOps, Software Development

Resources

whitepaper: Unlock Data Value: A Proven Framework To Implement Data Products
This webinar explains critical data product concepts and guides your organization to effectively implement a data-products strategy and data-streaming platform that unifies your operational and analytical data for any use case.
By CONFLUENT | 24 Feb 2025
Topics: Business Operations, Data Architecture, Digital Transformation

whitepaper: How to assess potential business value in 5 minutes – Human Capital Management
By Workday Inc. | 22 Nov 2024
Topics: Business Operations, Cloud Computing, IT Management

whitepaper: How to assess potential business value in 5 minutes – Finance and Human Resources
By Workday Inc. | 22 Nov 2024
Topics: Business Operations, Cloud Computing, IT Leadership

Podcasts

podcasts: CSO Executive Sessions / Australia
In this weekly series, host Edmund Kennedy, Editor of CSO Australia, interviews top chief information security officers throughout Australia to discuss current security threats, critical IT projects, security skills and careers, and much more.
19 episodes
Topics: Application Security

Ep. 19: CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison
20 Nov 2023 | 15 mins
Topics: CSO and CISO

Ep. 18: CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University
16 Oct 2023 | 15 mins
Topics: CSO and CISO

Video on demand

video: CSO Executive Sessions Australia with Gavin Ryan, Global Head of Information Security, Navitas
CSO Executive Sessions Australia with Gavin Ryan, Global Head of Information Security, Navitas, on the dynamics of overseeing a cyber security strategy for a global business, why it’s felt organisations will go on a ‘data diet’ in 2023, and the importance of raising awareness of good cyber security principles among our youngest Australians.
26 May 2023 | 12 mins
Topics: Application Security

CSO Executive Sessions with Kevin Tham, CISO at eitka
03 May 2023 | 19 mins
Topics: Application Security

CSO Executive Sessions Australia with Charles Gillman, CISO at SuperChoice
27 Apr 2023 | 18 mins
Topics: Application Security

What’s ahead for cybersecurity in 2019: TECH(talk)
01 Feb 2019 | 25 mins
Topics: Cyberattacks, Ransomware, Technology Industry

Show me more

news: Linux, macOS users infected with malware posing as legitimate Go packages
By Shweta Sharma | 07 Mar 2025 | 3 mins
Topics: Malware, Security

feature: 8 obstacles women still face when seeking a leadership role in IT
By Christina Wood | 07 Mar 2025 | 8 mins
Topics: Careers, IT Leadership

feature: What is risk management? Quantifying and mitigating uncertainty
By Josh Fruhlinger | 07 Mar 2025 | 10 mins
Topics: IT Governance Frameworks, IT Leadership, Risk Management

podcast: CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers
12 Feb 2025 | 27 mins
Topics: Security

podcast: CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe
07 Aug 2024 | 17 mins
Topics: CSO and CISO

podcast: CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)
17 Jul 2024 | 17 mins
Topics: CSO and CISO

video: CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers
12 Feb 2025 | 27 mins
Topics: Security

video: CSO Executive Sessions: How should software solution providers keep themselves and their enterprise clients safe?
26 Jan 2025 | 18 mins
Topics: Security

video: CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 2)
14 Nov 2024 | 15 mins
Topics: Critical Infrastructure, IT Governance, Supply Chain