Vulnerable Components pose a unique challenge in application security, as they lack mapped Common Vulnerabilities and Exposures (CVEs) and are often difficult to test. In this post, we will explore the impact…
Insecure Design – VIDEO
Insecure design and architectural flaws are a new category of risks for 2021, and it is crucial to move beyond “shift-left” in the coding space to pre-code activities critical for the principles…
Security Misconfiguration – VIDEO
Misconfigurations in application security can pose a significant risk to organizations, potentially leading to unauthorized access, data breaches, and exploitation. It is alarming to note that approximately 90% of applications undergo testing…
Injection – VIDEO
Injection attacks pose a significant security threat to modern applications, with SQL, NoSQL, OS command, ORM, LDAP, and EL or OGNL injection being the most common types. Developers and organizations can prevent…
Security Logging and Monitoring Failures – VIDEO
In the ever-evolving landscape of cybersecurity, the significance of security logging and monitoring cannot be overstated. This category has risen to #3 in the OWASP Top 10 2021, highlighting its critical role…
Software and Data Integrity Failures – VIDEO
In the realm of cybersecurity, ensuring the verification of software updates, critical data, and CI/CD pipelines is of utmost importance. However, without the necessary safeguards, software and data integrity failures can pose…
Sandworm’s WinRAR Attack on Ukrainian Networks
The Russian hacking group known as ‘Sandworm’ has been identified as the culprit behind an attack on Ukrainian state networks, where they used WinRAR to erase data on government devices. The Ukrainian…
US Must Match China’s Digital Strategy
The book Fixing American Cybersecurity discusses the need for a public-private partnership in order to better protect company networks from cyber criminals and adversaries. In this Q&A with Larry Clinton, President and…
CISOs: Secure & Responsible
This year’s high-profile layoffs have caused organizations to think carefully about their costs and plan for a potentially uncertain future. For Chief Information Security Officers (CISOs), this means showing financial responsibility, increasing…
Cybersecurity Risks: 2023 Report
The Bipartisan Policy Center’s Top Risks in Cybersecurity 2023 report outlines eight “top macro risks” that pose a significant threat to cybersecurity. These risks have been steadily increasing over the past 20…