May 21, 2024 at 11:07PM WitnessAI, a startup in artificial intelligence safety, emerged from stealth to address the barriers hindering organizations from adopting AI tools. Their Secure AI Enablement Platform offers observability, policy enforcement, and data protection for enterprises using AI. The platform, deploying cloud-based instances with unique encryption keys, has secured funding and plans … Read more
May 11, 2024 at 01:23PM Recent cybersecurity headlines emphasize the growing threat to critical infrastructure, including power lines, internet cables, and water control systems. Claroty CEO Yaniv Vardi predicts an increasing trend of physical and digital attacks, with three-quarters of critical infrastructure companies experiencing ransomware attacks last year. Vardi stresses the need for public-private cooperation … Read more
May 3, 2024 at 10:04AM The past two years have seen a rise in generative AI adoption across industries, creating security challenges. Apex, an AI security platform, aims to address this by providing visibility and enforcing security policies for AI activities. Founded in 2023, it has trials with Fortune 500 companies and received $7 million … Read more
March 28, 2024 at 08:03AM The text discusses the challenges of managing non-human identities in modern software development, highlighting issues such as hard-coded secrets, scalability challenges, compliance difficulties, and the neglect of security in the development process. It also provides best practices for securing non-human identities and introduces Entro, a tool for efficient secrets management … Read more
January 24, 2024 at 08:30AM Cloud-native applications and APIs have led to numerous data breaches, including with TeslaMate and Sumo Logic. Such incidents emphasize the need for organizations to prioritize cybersecurity basics, manage security tools, and address misconfigurations and credential misuse. Despite security challenges, the benefits of cloud-native environments are leading enterprises to embrace them, … Read more
January 2, 2024 at 11:12AM The evolving landscape of AI has presented significant challenges for CISOs and CIOs in crafting their 2024 plans. The rapid pace of AI innovation and its potential benefits raise the question of how to balance risk and opportunities. Stakeholders expect a clear strategy while dealing with the uncertainty of the … Read more
November 14, 2023 at 06:57AM Dependabot, a tool that automates checking and updating outdated dependencies in software projects, has revolutionized software maintenance tasks. However, security firm Checkmarx has warned of malicious actors impersonating Dependabot to deceive developers into accepting unauthorized changes. This incident highlights the vulnerabilities in CI/CD pipelines, which connect external tools and platforms … Read more
November 7, 2023 at 07:36AM The OPSWAT 2023 Web Application Security report reveals that while 75% of organizations have modernized their infrastructure and 78% have increased their security budgets, only 2% are confident in their security posture. The shift to cloud-based and containerized web applications presents new security challenges, particularly in file upload security. The … Read more