news analysis: Npm ecosystem vulnerable to new manifest confusion attack
Package manifests in the npm registry are not validated against metadata files in the package itself, leaving the door open for attackers.
By Lucian Constantin | 29 Jun 2023 | 6 mins | DevSecOps, Vulnerabilities, Open Source

news analysis: Most popular generative AI projects on GitHub are the least secure
By Michael Hill | 28 Jun 2023 | 5 mins | Generative AI, Application Security, Open Source

feature: The CSO guide to top security conferences
By CSO Staff | 28 Jun 2023 | 22 mins | Technology Industry, IT Skills, Events

news analysis: Fileless attacks surge as cybercriminals evade cloud security defenses
By Michael Hill | 27 Jun 2023 | 5 mins | Cyberattacks, Supply Chain, Application Security

news: Baffle launches new user interface to simplify application data security
By Shweta Sharma | 21 Jun 2023 | 3 mins | Application Security, Data and Information Security, Security Software

news: Team Cymru launches threat-hunting tool aims to fast-forward analysis
By Samira Sarraf | 19 Jun 2023 | 2 mins | Threat and Vulnerability Management, Application Security, Data and Information Security

feature: 5 best practices to ensure the security of third-party APIs
By Linda Rosencrance | 15 Jun 2023 | 8 mins | Supply Chain

news analysis: Attackers set up rogue GitHub repos with malware posing as zero-day exploits
By Lucian Constantin | 14 Jun 2023 | 4 mins | DevSecOps, Cyberattacks, Application Security

news: Rezilion releases agentless runtime software vulnerability management solution
By Michael Hill | 14 Jun 2023 | 3 mins | Threat and Vulnerability Management, Supply Chain, Application Security

Articles

news: App cyberattacks jump 137%, with healthcare, manufacturing hit hard, Akamai says
Local file intrusions and broken object-level authorization top application and API-related threat vectors, respectively, according to Akamai customer survey.
By Jon Gold | 18 Apr 2023 | 3 mins | APIs, Application Security

feature: 19 startups to check out at RSA Conference 2023
Young vendors of identity and access management, application security, and third-party risk solutions dominate the list of startups exhibiting at RSA.
By Michael Nadeau | 18 Apr 2023 | 8 mins | Authentication, RSA Conference, DevSecOps

news: 7 countries unite to push for secure-by-design development
Agencies from across seven countries come together to create a guidance that aims to remove the burden of security from the technology buyer.
By Samira Sarraf | 17 Apr 2023 | 5 mins | DevSecOps, Internet of Things, Application Security

news analysis: Google launches dependency API and curated package repository with security metadata
With the two new services, Google aims to help minimize risk from malicious code in the software supply chain.
By Lucian Constantin | 12 Apr 2023 | 7 mins | DevSecOps, Google, Application Security

news: 3CX DesktopApp compromised by supply chain attack
3CX will be releasing an update for the DesktopApp in the next few hours; meanwhile, users are urged to use the PWA Client instead.
By Apurva Venkat | 30 Mar 2023 | 3 mins | Malware, VoIP, Application Security

news: Noname Security releases API security updates
The latest API security upgrades from Noname focus on expanded testing and discovery.
By Jon Gold | 29 Mar 2023 | 3 mins | DevSecOps, Application Security, APIs

news: Backslash AppSec solution targets toxic code flows, threat model automation
New cloud-native solution aims to address time-consuming, manual methods for discovering and mapping application code security risks.
By Michael Hill | 22 Mar 2023 | 4 mins | DevSecOps, Application Security

news: UK bans TikTok on government devices over data security fears
The UK has joined international partners in banning social media app TikTok from government electronic devices over concerns the Chinese-owned app could pose a security risk.
By Michael Hill | 16 Mar 2023 | 3 mins | Government, Application Security, Data and Information Security

news: GitHub begins 2FA rollout for code contributors
GitHub's 2FA rollout seeks to enhance the security of developer accounts and protect the software supply chain.
By Michael Hill | 09 Mar 2023 | 3 mins | DevSecOps, Application Security

news analysis: Hard-coded secrets up 67% as secrets sprawl threatens software supply chain
2022 was a particularly leaky year in relation to secrets, GitGuardian's latest State of Secrets Sprawl report finds.
By Michael Hill | 08 Mar 2023 | 5 mins | Application Security, Data and Information Security, Vulnerabilities

news analysis: Open letter demands OWASP overhaul, warns of mass project exodus
The viability of the Open Worldwide Application Security Project for the modern open-source software landscape has been called into question.
By Michael Hill | 06 Mar 2023 | 7 mins | CSO and CISO, Application Security

news analysis: White House releases an ambitious National Cybersecurity Strategy
The Biden administration's National Cybersecurity Strategy calls for more regulation on critical infrastructure providers and holds software providers accountable for their insecure products.
By Cynthia Brumfield | 02 Mar 2023 | 9 mins | Regulation, Advanced Persistent Threats, Application Security

Resources

whitepaper: The Top 10 Ways Storage is Changing
This eBook outlines the top 10 ways businesses can ensure their infrastructure is making the most out of their data.
By Hitachi | 08 Jun 2023 | Data Management, Infrastructure Management, IT Governance Frameworks

whitepaper: Breakthrough with Modern Security: How CIOs Can Enhance Cyber Resilience
By Dell Technologies | 18 May 2023 | Cloud Security, Cybercrime, Security

whitepaper: Data Protection in a Multicloud World
By Dell Technologies | 18 May 2023 | Cloud Security, Data and Information Security, Multi Cloud

Podcasts

podcasts: CSO Executive Sessions / Australia
In this weekly series, host Edmund Kennedy, Editor of CSO Australia, interviews top chief information security officers throughout Australia to discuss current security threats, critical IT projects, security skills and careers, and much more.
3 episodes | Application Security

Ep. 03: CSO Executive Sessions Australia with Australian Institute of Company Directors' Marco Figueroa
27 Jun 2023 | 24 mins | CSO and CISO

Ep. 02: Podcast: Scott Sorley, Executive Director ICT Services at UoSQ
19 Apr 2023 | 23 mins | Application Security

Video on demand

video: CSO Executive Sessions Australia with Gavin Ryan, Global Head of Information Security, Navitas
CSO Executive Sessions Australia with Gavin Ryan, Global Head of Information Security, Navitas, on the dynamics of overseeing a cyber security strategy for a global business, why it's felt organisations will go on a 'data diet' in 2023, and the importance of raising awareness of good cyber security principles among our youngest Australians.
26 May 2023 | 12 mins | Application Security

video: CSO Executive Sessions with Kevin Tham, CISO at eitka
03 May 2023 | 19 mins | Application Security

video: CSO Executive Sessions Australia with Charles Gillman, CISO at SuperChoice
27 Apr 2023 | 18 mins | Application Security

video: What's ahead for cybersecurity in 2019: TECH(talk)
Feb 01, 2019 | 25 mins | Ransomware, Technology Industry, Cyberattacks

Popular Articles

opinion: What is the dark web? How to access it and what you'll find
By Darren Guccione | 01 Jul 2021 | 11 mins | Data Breach, Technology Industry, Cybercrime