May 14, 2024
Via: InfoWorld
The innovation hub of RSAC 2024, the RSAC Early Stage Expo was specifically designed to showcase emerging players in the information security industry. Among the 50 exhibitors crammed into the second floor booth space, seven VC-backed up-and-comers in application security […]
February 28, 2023
Via: Hacker News
As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to secure applications and APIs (Application Programming Interfaces). With that said, application security and API security are two critical components […]
Computing, Software & Applications
October 18, 2022
Via: Info World
As part of the development of JFrog Xray’s new Secrets Detection feature, we wanted to test our detection capabilities on as much real world data as possible, both to make sure we eliminate false positives and to catch any errant […]
February 23, 2022
Via: Info World
Argo CD is a popular open source, continuous delivery (CD) platform for Kubernetes that is used by hundreds of organizations globally. Recently, a serious vulnerability in Argo CD was uncovered by Apiiro, which enables attackers to access sensitive information such […]
January 4, 2022
Via: Info World
If 2020 was the year that we became acutely aware of the consumer goods supply chain (toilet paper, anyone? Anyone?), then 2021 was the year that the software supply chain rose in our collective consciousness. In perhaps the most infamous […]
December 27, 2021
Via: Info World
Earlier this month, security researchers uncovered a series of major vulnerabilities in the Log4j Java software that is used in tens of thousands of web applications. The code is widely used across consumer and enterprise systems, in everything from Minecraft, […]
Computing, Software & Applications
December 16, 2021
Via: Info World
Last weekend, the internet caught fire, and it is still unclear just how many developers with fire extinguishers will be needed to bring it under control. There was a set of first responders on the scene, however: largely unpaid maintainers […]
Computing, Software & Applications
December 15, 2021
Via: Info World
Modern software development practices make securing the software supply chain more important than ever. Our code has dependencies on open source libraries which have dependencies on other libraries and so on—a chain of code that we didn’t develop, didn’t compile, […]
December 7, 2021
Via: Info World
Attacks on cloud-native infrastructures are on the rise. Research over a six-month period in 2021 shows a 26% increase in attacks on container environments over the previous six months. Malicious actors are targeting the auto-build process, packing the payloads, using […]
Computing, Software & Applications
November 17, 2021
Via: Info World
For software developers who primarily build their applications as a set of microservices deployed using containers and orchestrated with Kubernetes, a whole new set of security considerations has emerged beyond the build phase. Unlike hardening a cluster, defending at run […]
January 21, 2021
Via: The Hacker News
When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at […]
Performance, security, and availability
August 2, 2016
Via: Info World
Some users’ accounts are more attractive to malicious hackers than others. Computer security experts have long focused on local administrators/root — and recently even more on all-powerful network administrators such as members of the domain admin and enterprise admin groups. […]
Performance, security, and availability
June 30, 2016
Via: Info World
A Google security researcher has found high severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could easily be exploited by hackers to take control of computers. Symantec released patches for the affected products, but while […]
Performance, security, and availability
May 10, 2016
Via: Info World
Over the past week security researchers have seen increasing attempts by hackers to find servers vulnerable to remote code execution vulnerabilities recently found in the ImageMagick Web server library. The flaws were publicly disclosed last Tuesday by researchers who had […]
Online Tools, Performance, security, and availability
May 9, 2016
Via: Info World
Lenovo has fixed a vulnerability in its Lenovo Solution Center support tool that could allow attackers to execute code with system privileges and take over computers. The Lenovo Solution Center (LSC) is an application that comes pre-installed on many Lenovo […]