The majority (95%) of organizations have experienced an API security incident in the past 12 months, according to Salt Security’s Salt Labs State of API Security Report, Q1...
MakerDAO, which maintains and regulates the DAI cryptocurrency, has launched a bug bounty program with the promise of record-busting payouts ranging up to $10 million. The decentralized...
In this interview with Help Net Security, Oded Hareven, CEO at Akeyless, explains how organizations manage secrets, particularly how this practice has changed and evolved amid the rapid shift...
Organizations are moving to multi-cloud environments in droves, largely because the cloud is fast, agile and powerful. But is it secure? Inherently — no. Just like...
A severe vulnerability present in the OWASP ModSecurity Core Rule Set (CRS) for several years was a “bang on the ear” for the project’s maintainers, who have outlined...
A critical vulnerability in popular CI/CD tool GoCD could allow unauthenticated attackers to extract encrypted secrets and poison software build processes – potentially paving the way to supply...
In what could have been considered a cryptographic supply chain security incident in the making, GitLab and other providers have blocked known, weak SSH keys generated through GitKraken....
Microsoft revoked insecure SSH keys some Azure DevOps customers have generated using a GitKraken git GUI client version impacted by an underlying issue found in one of...
Chief information security officers (CISOs) and their teams must have timely access to accurate and meaningful application security (AppSec) data to do their jobs effectively. This...
Concern is growing within the infosec community that a breach at DevOps platform vendor Travis CI might run deeper than the firm has so far been prepared to...