Application Security | News, how-tos, features, reviews, and videos
Primary code repositories are a godsend for software developers but offer easy access for threat actors to deliver malware. Experts say CISOs should scan for threats and be aware of the dangers.
Artificial intelligence is altering not only the threat landscape but also how security teams can defend their organizations. But AI isn’t the only trend cybersecurity pros should be on top of.
Because IT has so little visibility into non-human identities, attackers are increasingly seeking them out as ultra-easy onramps to everything of value in your enterprise. The solution? Stop treating NHIs as though they are another human end-user.
Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub.
Whitelisting locks down computers so only approved applications can run. Is the security worth the administrative hassle?
Java and .NET applications are the main source of unpatched vulnerabilities in the public sector.
Application security posture management tools need to integrate with other security tools to do their job.
The odds of attacks are growing as attackers can now easily access code modification and reverse engineering tools.
Security researchers allege that several apps are collecting data from iOS devices, violating Apple’s policy on device fingerprinting.
Five years after being discovered, the Kinsing cryptojacking operation remains very active against organizations, employing daily probes for vulnerable applications using an ever-growing list of exploits.