Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
05/09/2023
Big banks badly need a cyber security overhaul
Central banks are getting nervous that their retail cousins are neglecting cyber security protections that might prevent a financial meltdown.
05/09/2023
SLSA 1.0 delivers build provenance: What application security teams need to know
OpenSSF's updated framework is an essential tool for dev teams, but experts say it's incomplete as a supply chain security solution.
05/09/2023
NextGen data breach impacts 1 million patients. Twitter confirms Circle security
NextGen Healthcare has disclosed it suffered a cyberattack.
05/09/2023
NextGen Healthcare Data Breach: One Million Patient Records Affected
Electronic health record software provider NextGen Healthcare has confirmed.
05/09/2023
More than 1 million people have SSNs leaked after cyberattack on hospital technology giant
Hospital technology giant NextGen Healthcare said hackers accessed the personal information.
05/08/2023
1M NextGen Patient Records Compromised in Data Breach
Company says a database was accessed by an "unknown third party" with stolen credentials.
05/08/2023
Application Security (Part 1): 'Shifting Left' Or Shifting Smart?
CTO and cofounder of Contrast Security—helping companies become truly great at securing their apps and APIs.
05/02/2023
How to operationalize SBOMs for incident response
Here's why Software Bills of Materials are essential for cybersecurity incident response — and how to put them to work.
04/27/2023
CISA’s Security by Design for software development: ‘It’s a starting point, not an endpoint’
Here's what experts say about the CISA initiative's potential impact on software supply chain security — and security operations.
04/25/2023
Contrast Security’s New MSSP Program Empowers Partners to Protect Customers’ Applications Against Next-Generation Cyber Threats
Contrast Security announced the launch of its new Managed Security Services Program (MSSP)
04/25/2023
Securing Digital Finance: What SECs Proposed Cybersecurity Amendments Mean
The SEC proposed amendments to expand the scope of privacy-related governance, enhance transparency, and thereby indirectly strengthen cybersecurity.
04/25/2023
Moving to the Cloud Won’t Solve Your Security Woes
Keep these three essential things in mind to mitigate vulnerabilities in your data center before doing a cloud migration.