An in-depth look at automated vulnerability scanning within financial software, how it works, as well as top tools and best practices to get the job done.
Endor Labs released a report that identifies the top 10 open source software risks, including known vulnerabilities, compromised legitimate packages, untracked dependencies, and more. Chris Hughes explains.
Multi-cloud environments come with unique challenges, and analyst Rob Wood provides best practices for reducing security threats through training for employees with access to cloud resources.
Frank Domizio explains why cybersecurity professionals must continuously be on the lookout for ways in which the zero trust security model could become vulnerable to ever-evolving attackers.
Transitioning to multi-cloud will be a challenge if no one on your security team has experience with the technology, says Rob Wood.
Multi-cloud provides flexibility, scalability, and cost efficiency, but securing this architecture requires a comprehensive approach. Frank Domizio explains.
Chris Hughes reveals alarming findings in the 2023 Open Source security and risk analysis report by Synopsys.
Implementing a multi-cloud architecture across different geographies opens up unique security risks. Bill Doerrfeld recommends concrete measures to protect your business.
Learn all the latest in retail innovation from our expert team of practitioner-analysts including how to enhance your strategies with hyperautomation.
Data security strategy must go beyond securing a company’s data and employees to protect every data channel and counterparty. Wayne Sadin presents guidelines for managing third-party data risks.
Security data often ends up distributed across many systems, which can be an issue when searching for threats. CISO Rob Wood advocates a more centralized approach.
Robert Wood discusses the risks of data silos and provides three actionable steps for how to break them down or control their impact.
Nearly all cloud security incidents are due to customer misconfigurations. Chris Hughes explains how cybersecurity hygiene addresses the problem.
CISO Frank Domizio looks at common security vulnerabilities in the retail industry and offers practical ways to mitigate them and boost resilience.
Software bills of materials are important because they serve as standardized artifacts in developmental processes, as well as for security and compliance.
Kieron Allen looks at new data from Cyberseek regarding a shortage of skilled cybersecurity professionals, and what this means for organizations.
Wayne Sadin explains why multiple updates to crew scheduling software SkySolver won’t fix Southwest Airlines’ technical debt issues.
Do you know how to respond after a security breach has happened? This “for CISO, by CISO” guidebook provides first-person actionable insights from practitioners.
The capabilities of Snyk for automatic discovery & remediation have positioned it to shift security left. However, vendor solutions only go so far.
Bill reconnects with Sonatype Co-founder Brian Fox to find out why it’s taken so long for organizations to respond to the Log4j vulnerability, which was first discovered a year ago.