Threat actors are exploiting another zero-day flaw in Cisco's IOS XE software to implant a malicious backdoor. The IOS XE operating system runs on a wide range of Cisco networking devices, including routers, switches, wireless controllers, access points and more.
In the modern, API-driven era — where 26 to 50 APIs power the average application — API security couldn’t be more important. Unsecured APIs make easy targets for bad actors searching for exposed application logic, resources, and sensitive data.
But despite having multiple API security products in place, 92% of...
Today, web apps and APIs are the most common medium for sharing and modifying data. As Web apps and APIs evolve, so does the attack surface. Application Security, Development, and Cloud Architects require a comprehensive solution to protect their Web Apps and APIs across any infrastructure.
Download this eBook, where...
Cisco has released urgent fixes to a critical vulnerability affecting an emergency communication system used to track callers' location in real time. A developer inadvertently hard-coded credentials in Cisco Emergency Responder software, opening a permanent backdoor for unauthenticated attackers.
Veracode, Synopsys and Checkmarx remain atop Forrester's static application security testing list, while Micro Focus fell from the leaderboard after the OpenText buy. Firms have gone beyond evaluating the security of code itself and now assess the safety of the infrastructure the code is running on.
Application control helps you handle the ever-increasing number of threats to computers and devices on a corporate network. As security threats and malware have evolved, so too has the need for technologies like application control. Gone are the days when malware might redirect the user’s search engine. Now,...
Check Point Software will buy a SaaS security startup founded by former Armis leaders to anticipate and block threats from malicious applications. The deal will give clients a better understanding of the SaaS platforms - such as Office 365, Salesforce and GitHub - that power their business.
GrammaTech has separated its security software products and cyber research services divisions, and venture capital firm Battery Ventures has acquired the former and renamed it CodeSecure. The Washington, D.C.-area application security testing software business will pursue M&A in adjacent markets.
Multiple hackers are minting newer capabilities from an open-source information stealer to spawn new variants. The malware steals sensitive information such as corporate credentials, which are resold to other threat actors for attacks, including operations related to espionage or ransomware.
Splunk is proud to be named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Performance Monitoring and Observability. Gartner® defines the application performance monitoring (APM) and observability market as software that enables the observation and analysis of application health, performance and...
Amid the rapid evolution of cyber threats, staying informed about the latest trends is paramount to protecting your digital assets. Join cybersecurity experts from Coalfire and NowSecure as they delve into the dynamic realm of digital security. Drawing on insights from the recently unveiled 5th annual Coalfire and...
In today's evolving digital landscape, application security is crucial. That’s why it is increasingly important to normalize the use of two-factor authentication in the developer community to the point that it is "effectively ubiquitous," said John Swanson, director of security strategy at GitHub.
Third-party targeting by attackers has intensified due to the interconnectedness of the business world, enabling adversaries to exploit intermediaries for access. With the surge in cloud adoption, visibility in the cloud is paramount, advised Levi Gundert, chief security officer at Recorded Future.
Enterprises have been keenly exploring the potential of generative AI, deploying it to fuel innovation. But stealthy integration of AI features into products already owned by organizations has cybersecurity experts worried, said Jeff Pollard, vice president and principal analyst at Forrester.
Organizations engaged in software production often run their applications and services within cloud environments. CEO Ganesh Pai advocates the "shift-up" approach for enhanced cloud security, which focuses on operational visibility extending from software composition to production workloads.