Open Bug Bounty has fixed 1 million vulnerabilities
Monday, November 7, 2022 by Brittany Hainzinger
Open Bug Bounty is an open, disintermediated, cost-free, and community-driven Bug Bounty platform for coordinated, responsible, and ISO 29147 compatible vulnerability disclosure. It passed the milestone on 27 October of fixing over 1,000,000 web security vulnerabilities.
The Open Bug Bounty project enables website owners to receive advice and support from&n...
ImmuniWeb Neuron web security scanning
Friday, June 10, 2022 by Richard Harris
ImmuniWeb has announced the launch of ImmuniWeb Neuron, a web application and API web security scanning solution that is based on the award-winning ImmuniWeb AI Platform available.
ImmuniWeb Neuron is designed to rapidly scan tens, hundreds, or even thousands of web applications and APIs for vulnerabilities, weaknesses, and misconfigurations. It c...
SnykCon 2021 event lineup
Friday, September 24, 2021 by Randall Degges
We're only a few weeks away from SnykCon 2021, Snyk's free annual developer conference that helps you learn how to build applications securely running October 5-7. We have a packed agenda full of expert talks, hands-on workshops, helpful demos, product roadmaps, opportunities to interact with some of the smartest speakers and leaders of developer security i...
Not all security vulnerabilities are created equal
Tuesday, May 25, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...
Six areas of focus for continuous security
Friday, April 16, 2021 by Jack Mannino
Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...
Data Privacy Day 2020 is here
Tuesday, January 28, 2020 by Richard Harris
Data Privacy Day is here, and with the recent implementation of the California Consumer Privacy Act, the timing could not be better to discuss the importance of taking steps to protect sensitive data while also keeping personal data private and secure.
Similar to GDPR, CCPA will have a profound impact on data privacy and protection, making this year’s Data Priv...
AI for cybersecurity
Tuesday, November 27, 2018 by Richard Harris
As organizations struggle to deal with the growing sophistication of hackers and the influx in data breaches, it's becoming clear that AI could be a critical tool for automatically defending applications from cyber attacks - but there are challenges to overcome. Ivan Novikov, the CEO of AI security company Wallarm, offers some insight below on how AI can be utilized...
IAST supports AppSec efficiencies while cutting costs and headaches
Monday, November 26, 2018 by Asma Zubair
It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....
Sensor network data integrity gets help from a new blockchain solution
Wednesday, November 21, 2018 by Christian Hargrave
Sixgill, LLC unveiled its new breakthrough blockchain or distributed ledger-based solution for sensor network data integrity. Sixgill Integrity is a ledger-agnostic solution and is designed from the ground up to solve the fundamental need for an end-to-end, real-time sensor data authenticity system. With Integrity, organizations are assured that their emitted data, tran...
Bitcoin job skills are hot says latest report
Monday, February 12, 2018 by Richard Harris
Upwork has released its newest quarterly index of the hottest skills in the U.S. freelance job market. The Upwork Skills Index ranks the site’s 20 fastest-growing skills in a quarterly series that sheds light on new and emerging skills as an indication of hot freelance job market trends. According to a recent study, 57.3 million Americans (36 percent of the U.S. workfor...
Enterprises need a software security program
Tuesday, January 30, 2018 by Sammy Migues
The answer to the “why” enterprises need a software security program question is pretty straightforward. There are no circumstances under which any but the smallest firms can expect a collection of independent activities - a pen test here, an hour of training there, some free tools that may or may not work as advertised - will consistently result in appropriately secure...
A DevOps framework for federal customers
Wednesday, May 17, 2017 by Christian Hargrave
Last Thursday, President Trump signed an executive order designed to strengthen the cybersecurity of federal networks including moving all federal IT systems to the cloud. The executive order also calls for effective risk management, which includes requiring planning so that maintenance, improvements and modernization occur in a coordinated way and with appropriate regu...
The hottest skills needed in the freelance job market to get hired
Thursday, May 4, 2017 by Richard Harris
Upwork has released its newest quarterly index of the hottest skills in the U.S. freelance job market. The Upwork Skills Index ranks the site’s 20 fastest-growing skills and is part of a quarterly series that sheds light on new and emerging skills freelancers are providing. According to a recent report, nearly half (49%) of hiring managers use freelancers to access skil...
IBM Security Channels Its Inner XMen with Launch of IBM XForce Red Security Division
Friday, August 5, 2016 by Stuart Parkerson
Someone in charge of naming divisions at IBM must have been a big Sci-Fi fan as is evidenced with IBM Security’s name for the a news security task force - IBM X-Force Red. Yep, that’s the name for a new group of IBM security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software...
Tips to Use Penetration Testing to Protect Your Business From Cyber Attacks
Thursday, May 12, 2016 by Joaquín Rodríguez Varela
Forty-seven percent of all breaches were caused by malicious or criminal attacks according to the most recent global data breach study released by the Ponemon Institute. Resolving an attack cost businesses an average of $170 per record, translating to an average total cost of $3.79 million for a data breach.Today’s cybercriminals are getting smarter at finding and breac...
Agile Innovation: Crossing the Wetware Chasm for Business Transformation
Friday, June 12, 2015 by Alex Robbio
“ The modern era’s less rigid development methodologies - Behavior Driven Development, Scrum and Kanban complemented by “Hackathon” team-blending campaigns - are proven to accelerate agile innovation, trusted collaboration and business transformation.”Modern-era IT jargon has coined the term “wetware” to describe the collective human capital - the programmers, developer...
NowSecure App Testing (formerly ViaLab) Launches New Mobile Application Security Testing Suite
Friday, January 23, 2015 by Richard Harris
NowSecure App Testing (formerly ViaLab) has announced its new mobile application security testing suite, available in both a free and paid version.The mobile application security testing suite speeds up the process of identifying vulnerabilities and risks for third-party and custom mobile apps. The platform helps developers locate problems such as Heartbleed before they...
Parasoft API Testing Enhances Automation for Mobile API Testing
Tuesday, March 11, 2014 by Stuart Parkerson
Parasoft has released the latest edition of its API testing solution which introduces enhanced support for testing RESTful APIs for mobile transactions.The latest release of Parasoft's enterprise-grade API Testing solution addresses the ongoing shift from XML/SOAP to JSON/REST focusing on ensuring that rich regression suites for JSON can be more rapidly constr...
