4 Main API Security Risks Organizations Need to Address

November 4, 2024 at 08:29AM

API security vulnerabilities have significantly increased, with a 21% rise in flaws reported. Key issues include misconfigured APIs, poor design, inadequate security testing, and lack of visibility. Organizations must implement strict authorization checks, consistent testing, and governance frameworks to mitigate risks and protect against breaches and attacks. …

Security Testing Market Worth $43.9B by 2029

September 12, 2024 at 02:42PM

The global Security Testing Market is projected to grow from USD 14.5 billion in 2024 to USD 43.9 billion by 2029, with a CAGR of 24.7%, driven by the increasing incidence of cyberattacks. The adoption of Static Application Security Testing (SAST) and web application security testing is on the rise, …

Cobalt Appoints Sonali Shah as CEO

August 29, 2024 at 05:12PM

Cobalt announced Sonali Shah as the new CEO, known for her cybersecurity and technology expertise. Cobalt expanded its product suite and received industry awards. Shah will lead the company’s growth, succeeding Chris Manton-Jones, who steps down as CEO. Gajan Rajanathan of Highland Europe expressed confidence in Shah’s leadership. Shah’s appointment …

CrowdStrike Explains Why Bad Update Was Not Properly Tested

July 24, 2024 at 07:09AM

CrowdStrike faced a global fallout following a flawed update. The cybersecurity company detailed two types of updates it delivers to clients and explained that a faulty rapid response update led to widespread Windows crashes. CrowdStrike intends to bolster its testing procedures and implement a phased deployment strategy for future updates …

PortSwigger Scores Hefty $112 Million Investment

July 1, 2024 at 02:48PM

PortSwigger, the UK company behind Burp Suite software, secures a significant $112 million investment from Brighton Park Capital, marking its first external funding since 2008. With 20,000 clients, including major companies such as Microsoft and Amazon, PortSwigger’s products automate security testing for web applications and APIs, enhancing attack surface visibility …

Adobe Adds Content Credentials and Firefly to Bug Bounty Program

May 1, 2024 at 11:21AM

Adobe recently expanded its bug bounty program to include Content Credentials and Adobe Firefly, offering incentives for hackers to search for and report security defects. The program aims to reinforce the resilience of Adobe’s implementation against traditional risks and unique considerations and to test the resilience of AI models. Interested …

NightVision Raises $5.4 Million for Application Security Testing

April 15, 2024 at 11:06AM

NightVision, a US-based startup founded in 2022, raised $5.4 million in seed funding from angel investors. The company focuses on application security testing, aiding in the identification and resolution of software security vulnerabilities early in the development lifecycle. Its technology simulates attacks, integrates with development workflows, and enables secure development …

The Fight for Cybersecurity Awareness

April 8, 2024 at 10:05AM

“The Beekeeper” follows Adam Clay as he seeks vengeance against cyber attackers. It emphasizes the need for adaptable cybersecurity training to mitigate threats targeting individuals. Encouraging storytelling and testing employee responses are key to fostering a proactive security culture. Such strategies not only benefit the workforce but also contribute to …

DataDome Expands Bot Bounty Program to the Public, Invites Researchers to Rigorously Test its Solution

February 15, 2024 at 04:26PM

DataDome has expanded its bot bounty program, partnering with YesWeHack to invite external researchers to rigorously test its protection. Rewards range from €200 to €5,000 for developing bots that can scrape two dedicated websites without being blocked. DataDome’s solution has received widespread recognition and praise for its market-leading detection and …

10 Security Metrics Categories CISOs Should Present to the Board

February 15, 2024 at 08:29AM

Due to increased SEC regulations, companies are under pressure to enhance transparency and speed up breach disclosure in cybersecurity reporting. Boards are demanding more rigorous tracking of KPIs and KRIs, operational metrics, and asset and security performance indicators. The book, “The Cyber Savvy Boardroom,” co-authored by Homaira Akbari and Shamla …