Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
07/11/2023
Developers Alliance Adds Two New Board Members
Kareem Ghanem of Google and Steven Phillips of Contrast Security to assume governance roles.
07/07/2023
How to protect your organization from software APIs that can either drive or ruin business success
Rapidly changing application programming interfaces (APIs) make ripe targets for attackers, and organizations need new security practices to defend themselves.
07/06/2023
Data Loss Prevention for Financial Services in 2023
The financial services industry has its unique set of data security challenges.
07/05/2023
Episode 126: Unleashing the Power of AI in Product Management and Cybersecurity with Steve Wilson, Chief Product Officer at Contrast Security
In this episode of Product Thinking, Steve Wilson, Chief Product Officer at Contrast Security, joins Melissa Perr.
07/04/2023
Federal Network Devices Across Multiple Agencies Violate CISA’s Security Requirements
Security researchers have discovered hundreds of federal network devices.
07/02/2023
Idea of separate US Cyber Force raises eyebrows
The prospect of an independent Cyber Force within the US military might be assessed in Washington soon.
06/29/2023
CISA working with agencies to pull exposed network tools from public internet
The Cybersecurity and Infrastructure Security Agency (CISA).
06/28/2023
What is Cyberwar?
Ask any three people to define cyberwar and you will get three different answers.
06/28/2023
Hundreds of FCEB Devices Are Violating CISA’s Latest Directive
FCEB agencies have 14 days to comply with 23-02 BOD either by securing it with Zero Trust Architecture or removing the device from the public internet.
06/20/2023
Russia’s ‘Fancy Bear’ hackers targeted Ukrainian gov’t, military orgs
Hackers with an infamous Russian military cyber group have targeted the Ukrainian government.
06/20/2023
OWASP Top 10 for LLMs: Can AI risk be tamed?
The Open Web Application Security Project (OWASP) is preparing a Top 10 list of large language model projects on an accelerated timetable.
06/19/2023
Firmware Backdoor Discovered in Gigabyte Motherboards, Hundreds of Models Affected
Research from supply chain security firm Eclypsium Labs indicates.