Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
08/02/2023
OWASP releases Top 10 list for LLMs
OWASP, the organization known for its list of the top 10 security vulnerabilities in software.
07/25/2023
ChatGPT Has a Plug-In Problem
Third-party plug-ins boost ChatGPT’s capabilities. But security researchers say they add an extra layer of risk.
07/21/2023
How Will the New National Cybersecurity Strategy Be Implemented?
The Biden Administration released a National Cybersecurity Strategy in March, and now, it has followed up with a comprehensive plan for implementation.
07/20/2023
Application Security (Part 2): Five Principles For ‘Shifting Smart’
CTO and cofounder of Contrast Security—helping companies become truly great at securing their apps and APIs.
07/19/2023
White House Unveils Cyber Trust Label for Smart Devices
Proposed Cybersecurity-Labeling Program to Certify Consumer IoT Devices.
07/17/2023
Building resilience through DevSecOps
DevSecOps, short for Development, Security, and Operations.
07/16/2023
What’s in the New National Cybersecurity Strategy Implementation Plan
The White House just released the new National Cybersecurity Strategy Implementation Plan.
07/14/2023
White House Releases Plan to Implement National Cybersecurity Strategy
After months of speculation, U.S. President Joe Biden’s administration announced.
07/13/2023
Security testing: Beware shifting left — shift smart instead!
Introducing shift smart, a new approach that encourages development and security teams to seek out the best place in the SDLC.
07/13/2023
Here's how the White House's cyber initiatives could affect banks
A new cybersecurity plan the White House released Thursday could have a mix of implications for banks.
07/13/2023
White House Issues National Cybersecurity Strategy Road Map
Implementation Plan for Strategy Assigns Federal Responsibilities, Sets Deadlines.
07/12/2023
CycloneDX 1.5: The next big step for SBOMs and software transparency
CycloneDX is one of the most popular standards for describing the components of an application.