Differential privacy in AI: A solution creating more problems for developers?

In the push for secure AI models, many organizations have turned to differential privacy. But is the very tool meant to protect user data holding back innovation? Developers face a tough choice: balance data privacy or prioritize precise results. Diffe…

Infosec products of the month: May 2024

Here’s a look at the most interesting products from the past month, featuring releases from: Abnormal Security, Adaptive Shield, Appdome, AuditBoard, Calix, Cranium, CyberArk, Cybersixgill, Dashlane, Datadog, Detectify, Eclypsium, ExtraHop, FireMon, Fo…

New infosec products of the week: May 3, 2024

Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Cybersixgill, Proofpoint, Secure Code Warrior, Snyk, and Synopsys. Cybersixgill Third-Party Intelligence module identifies potential supply chain risks …

Synopsys Polaris Assist automates repetitive, time-consuming tasks for security and development teams

Synopsys introduced Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform. Polaris Assist combines Large Language Model (LLM) technology with decades of Synopsys’ application security knowledge…

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable Microsoft SharePoint Server – to its KEV cata…

Synopsys fAST Dynamic enables DevOps teams to fix security vulnerabilities in modern web apps

Synopsys released Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform. fAST Dynamic enables development, security, and DevOps teams to find and fix security vulnerabiliti…

How cybersecurity strategies adapt to evolving threats

Cybersecurity strategies are essential components of modern organizations, designed to protect digital assets, sensitive information, and overall business continuity from potential cyber threats. As technology advances, the complexity and frequency of …

SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448)

A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network oper…

Security automation gains traction, prompting a “shift everywhere” philosophy

The use of automated security technology is growing rapidly, which in turn is propagating the “shift everywhere” philosophy – performing security tests throughout the entire software development life cycle – across more organizations, according to Syno…

Organizations’ serious commitment to software risk management pays off

There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated testing and continuous integration are helping to reduce common programming error…