Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
03/03/2023
Pushers of insecure software in Biden's crosshairs
Just-revealed US cybersecurity strategy 'has fangs' for catching crafty criminals and crummy coders
03/02/2023
Tom Kellermann: 'This Is a True Strategy'
Veteran Cyber Adviser Explains Why He's Enthusiastic About New US National Strategy
03/01/2023
Biden's cyber promises, two years later
Biden's cyber promises, two years later
02/27/2023
Contrast Security adds Microsoft Azure Functions support to evaluate serverless risks
Contrast Security expands Contrast Serverless Application Security offering to support Microsoft Azure Functions
02/24/2023
Russian hackers aren’t done with Ukraine
With Russian advancement in its war with Ukraine often stalled, the country has frequently turned to cyberattacks to cause mayhem for the defenders
02/22/2023
The 20 Coolest Web, Application And Email Security Companies Of 2023: The Security 100
From vendors offering developer-friendly code security tools to those protecting websites against cyberattacks, here’s a look at 20 key web, email and application security companies
02/21/2023
OSC&R targets software supply chains attacks
02/21/2023
Cyberthreats, Regulations Mount for Financial Industry
Nation-state adversaries, new reporting regulations, and a fast-paced threat landscape mean that financial services and technology firms need to bolster their security posture
02/15/2023
Less talk, more action: High hopes for CISA’s C-SCRM software supply chain security office
The US Cybersecurity and Infrastructure Security Agency (CISA) is making moves in 2023
02/13/2023
The case for SBOM benchmarks: “Ground truth” is key
Software Bills of Materials (SBOM) are designed to help software teams protect their supply chains.
02/10/2023
2023 Cyber Bank Heists Report: The Rise of Punitive Attacks
Contrast's Tom Kellermann on How Cybercriminals Escalated Destructive Strikes.
02/10/2023
Banks facing increasing denial-of-service attacks
Distributed denial-of-service attacks pose major risks for banks and preventing them could require significant long-term investment increases.