news analysisNpm ecosystem vulnerable to new manifest confusion attackPackage manifests in the npm registry are not validated against metadata files in the package itself, leaving the door open for attackers.By Lucian Constantin29 Jun 20236 minsDevSecOpsVulnerabilitiesOpen Source news analysis Most popular generative AI projects on GitHub are the least secureBy Michael Hill28 Jun 20235 minsGenerative AIApplication SecurityOpen Sourcefeature The CSO guide to top security conferencesBy CSO Staff28 Jun 202322 minsTechnology IndustryIT SkillsEvents news analysisFileless attacks surge as cybercriminals evade cloud security defensesBy Michael Hill 27 Jun 20235 minsCyberattacksSupply ChainApplication Security newsBaffle launches new user interface to simplify application data securityBy Shweta Sharma 21 Jun 20233 minsApplication SecurityData and Information SecuritySecurity Software newsTeam Cymru launches threat-hunting tool aims to fast-forward analysisBy Samira Sarraf 19 Jun 20232 minsThreat and Vulnerability ManagementApplication SecurityData and Information Security feature5 best practices to ensure the security of third-party APIsBy Linda Rosencrance 15 Jun 20238 minsSupply ChainSupply ChainSupply Chain news analysisAttackers set up rogue GitHub repos with malware posing as zero-day exploitsBy Lucian Constantin 14 Jun 20234 minsDevSecOpsCyberattacksApplication Security newsRezilion releases agentless runtime software vulnerability management solutionBy Michael Hill 14 Jun 20233 minsThreat and Vulnerability ManagementSupply ChainApplication Security ArticlesnewsApp cyberattacks jump 137%, with healthcare, manufacturing hit hard, Akamai saysLocal file intrusions and broken object-level authorization top application and API-related threat vectors, respectively, according to Akamai customer survey.By Jon Gold 18 Apr 2023 3 minsAPIsApplication Securityfeature19 startups to check out at RSA Conference 2023Young vendors of identity and access management, application security, and third-party risk solutions dominate the list of startups exhibiting at RSA.By Michael Nadeau 18 Apr 2023 8 minsAuthenticationRSA ConferenceDevSecOpsnews7 countries unite to push for secure-by-design developmentAgencies from across seven countries come together to create a guidance that aims to remove the burden of security from the technology buyer.By Samira Sarraf 17 Apr 2023 5 minsDevSecOpsInternet of ThingsApplication Securitynews analysisGoogle launches dependency API and curated package repository with security metadataWith the two new services, Google aims to help minimize risk from malicious code in the software supply chain.By Lucian Constantin 12 Apr 2023 7 minsDevSecOpsGoogleApplication Securitynews3CX DesktopApp compromised by supply chain attack3CX will be releasing an update for the DesktopApp in the next few hours; meanwhile, users are urged to use the PWA Client instead. By Apurva Venkat 30 Mar 2023 3 minsMalwareVoIPApplication SecuritynewsNoname Security releases API security updatesThe latest API security upgrades from Noname focus on expanded testing and discovery.By Jon Gold 29 Mar 2023 3 minsDevSecOpsApplication SecurityAPIsnewsBackslash AppSec solution targets toxic code flows, threat model automationNew cloud-native solution aims to address time-consuming, manual methods for discovering and mapping application code security risks.By Michael Hill 22 Mar 2023 4 minsDevSecOpsApplication SecuritynewsUK bans TikTok on government devices over data security fearsThe UK has joined international partners in banning social media app TikTok from government electronic devices over concerns the Chinese-owned app could pose a security risk.By Michael Hill 16 Mar 2023 3 minsGovernmentApplication SecurityData and Information SecuritynewsGitHub begins 2FA rollout for code contributorsGitHub’s 2FA rollout seeks to enhance the security of developer accounts and protect the software supply chain.By Michael Hill 09 Mar 2023 3 minsDevSecOpsApplication Securitynews analysisHard-coded secrets up 67% as secrets sprawl threatens software supply chain2022 was a particularly leaky year in relation to secrets, GitGuardian’s latest State of Secrets Sprawl report finds. By Michael Hill 08 Mar 2023 5 minsApplication SecurityData and Information SecurityVulnerabilitiesnews analysisOpen letter demands OWASP overhaul, warns of mass project exodusThe viability of the Open Worldwide Application Security Project for the modern open-source software landscape has been called into question.By Michael Hill 06 Mar 2023 7 minsCSO and CISOApplication Securitynews analysisWhite House releases an ambitious National Cybersecurity StrategyThe Biden administration's National Cybersecurity Strategy calls for more regulation on critical infrastructure providers and holds software providers accountable for their insecure products. By Cynthia Brumfield 02 Mar 2023 9 minsRegulationAdvanced Persistent ThreatsApplication Security Show more Show less View all Resources whitepaper Breakthrough with Modern Security: How CIOs Can Enhance Cyber Resilience The recent rapid acceleration of digital transformation and distributed work has changed the game in cybersecurity. When most employees worked exclusively from an office, the boundaries for cybersecurity were clearer. The post Breakthrough with Modern Security: How CIOs Can Enhance Cyber Resilience appeared first on Whitepaper Repository. By Dell Technologies 18 May 2023Cloud SecurityCybercrimeSecurity whitepaper Data Protection in a Multicloud World By Dell Technologies 18 May 2023Cloud SecurityData and Information SecurityMulti Cloud whitepaper Top reasons why customers choose Dell VxRail By Dell Technologies 18 May 2023Infrastructure ManagementIT ManagementSystem Management View all Podcasts podcastsCSO Executive Sessions / ASEANIn this weekly series, host Xiou Ann Lim, Editor for CSO ASEAN at Foundry, interviews top chief information security officers throughout the ASEAN region to discuss current security threats, critical IT projects, security skills and careers, and much more.47 episodesApplication Security Ep. 47 Hong Kong Baptist University's Allan Wong on his award-winning implementation of zero trust security 19 Apr 20238 mins Cloud Security Ep. 46 IHH Healthcare's Francis Yeow on talent 06 Apr 2023 C-Suite Video on demand videoWhat's ahead for cybersecurity in 2019: TECH(talk)J.M. Porup, senior writer at CSO online, joins Juliet on this week’s episode of TECH(talk) to discuss trends in ransomware, IoT security and enterprise cybersecurity roles. Feb 01, 2019 25 minsRansomwareTechnology IndustryCyberattacks 6 security reasons to upgrade to Windows 10 Jul 25, 2018 1 minsApplication SecurityPrivacyWindows Don't ignore application security | Salted Hash Ep 35 23 Jul 2018 18 minsApplication SecurityVulnerabilitiesSecurity The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34 03 Jul 2018 16 minsData BreachApplication SecurityCybercrime See all videos Explore a topic Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security View all topics All topics Close Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticles opinion What is the dark web? How to access it and what you'll find By Darren Guccione 01 Jul 202111 mins Data BreachTechnology IndustryCybercrime