Software Vulnerabilities August 9, 2022

Controlling the Source: Abusing Source Code Management Systems

13 min read - For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within…

Mainframe March 28, 2022

Low-Code Is Easy, But Is It Secure?

4 min read - Low-code and no-code solutions are awesome. Why? With limited or no programming experience, you can quickly create software using a visual dashboard. This amounts to huge time and money savings. But with all this software out there, security experts worry…

Risk Management January 28, 2022

When it Comes to Stopping IoT Security Camera Breaches, Focus on Procurement

4 min read - Earlier this year, an enterprise security camera system maker suffered a data breach. The incident, which involved the compromise of a Jenkins server, enabled a group of attackers to bypass the company’s authorization system, including its two-factor authentication processes. Those…

Intelligence & Analytics April 2, 2021

Software Composition Analysis: Developers’ Security Silver Bullet

4 min read - Security experts are always looking for a silver bullet. New products promise to resolve all your issues. Typically, these products overpromise to expand market share. Most attacks we see these days occur not because of genius attacks. Instead, they’re due…

Application Security February 12, 2021

Why Every Company Needs a Software Update Schedule

4 min read - Software without the most recent patch is like an unlocked door for threat actors. They know the openings are there and can just walk in. But patching and a software update schedule can make sure that door stays locked. Applying…

Software Vulnerabilities August 13, 2020

Legacy Systems: Seven Things to Know When Sunsetting

5 min read - Nothing lasts forever. That’s true for cars, devices, even a favorite sweatshirt or pair of jeans. But it is especially true for information technology (IT).  Legacy IT systems stick around in business settings for three main reasons: organizations don’t have…

Application Security July 9, 2020

Updating Legacy Systems Amid Growing Cybersecurity Concerns

2 min read - Over the past few months, a shift to remote working has raised many security questions for businesses trying to protect their data. And, ensuring that legacy systems are secure is a key priority.  Keeping legacy systems up to date in…

Application Security May 30, 2019

When AV Software Is at War With Your OS: A Case of IT Complexity

3 min read - When AV software programs are designed independently, it is only natural that there is competition for resources in the zero-sum field in which they are playing.

Application Security March 21, 2019

Securing the Microservices Architecture: Decomposing the Monolith Without Compromising Information Security

4 min read - Ditching monolith for microservices may be right for your organization, but it's critical to address the relevant security considerations early in the process.

December 27, 2017

Survey Says: AI Speeds Security Operations

2 min read - Existing software systems are slowing down security teams. How can information security professionals bridge the gap and improve response speed?