#vulnerability-management

[ follow ]
fromComputerworld
1 week ago

Kandji helps secure Apple enterprise with Vulnerability Response

Kandji's tool detects and manages vulnerabilities in Mac apps based on CVE data.
#cybersecurity
EU data protection
fromHackernoon
2 years ago

Attaxion Becomes The First EASM Platform To Integrate ENISA's EU Vulnerability Database (EUVD) | HackerNoon

Attaxion integrates the EUVD, enhancing vulnerability management by providing broader context and actionable data.
Europe politics
fromTechzine Global
2 months ago

EUVD security database is Europe's next step towards autonomy

The EUVD serves as a necessary alternative to the threatened CVE database, emphasizing the EU's commitment to cybersecurity.
fromHackernoon
2 years ago
EU data protection

Attaxion Becomes The First EASM Platform To Integrate ENISA's EU Vulnerability Database (EUVD) | HackerNoon

Europe politics
fromTechzine Global
2 months ago

EUVD security database is Europe's next step towards autonomy

The EUVD serves as a necessary alternative to the threatened CVE database, emphasizing the EU's commitment to cybersecurity.
more#cybersecurity
Web development
fromMedium
2 weeks ago

How to Implement Robust WAF Protection for Web Applications: Block SQL Injection, XSS, and DDoS...

Web Application Firewalls (WAFs) protect web applications from threats like SQL injection and Cross-Site Scripting (XSS).
fromDevOps.com
3 weeks ago

SBOMs Are Not Enough - DevOps.com

SBOM is essential for effective software composition analysis to manage vulnerabilities in third-party components.
fromDevOps.com
1 month ago

Still Running Vulnerable Log4j Instances? - DevOps.com

Log4j vulnerabilities remain a significant risk for organizations due to visibility and dependency issues.
Continuous monitoring and software composition analysis are essential for security.
Information security
fromTheregister
1 month ago

Nearly half of ransomware victims still pay out, says Sophos

Nearly half of ransomware victims still pay the ransom despite advice against it, but average payments are decreasing.
Organizations are becoming better at minimizing ransomware impacts, negotiating lower ransom amounts.
#cloud-security
fromSilicon Canals
1 month ago
Artificial intelligence

London-based Maze secures 22.5M to beat hackers at their own game through an AI agent - Silicon Canals

fromHackernoon
4 months ago
Privacy professionals

Cloud Compute Security Revolutionized Under Guruprasad Venkatesha's Leadership | HackerNoon

fromSilicon Canals
1 month ago
Artificial intelligence

London-based Maze secures 22.5M to beat hackers at their own game through an AI agent - Silicon Canals

fromHackernoon
4 months ago
Privacy professionals

Cloud Compute Security Revolutionized Under Guruprasad Venkatesha's Leadership | HackerNoon

more#cloud-security
fromThe Hacker News
2 months ago

Pen Testing for Compliance Only? It's Time to Change Your Approach

Compliance-driven penetration testing can leave organizations vulnerable because it typically only covers compliance-relevant vulnerabilities, neglecting deeper security issues that may exist.
Information security
fromTechzine Global
2 months ago

Dropping the SBOM, why software supply chains are too flaky

Gartner estimates that by 2025, 45% of organizations globally will face attacks on their software supply chains, reflecting a three-fold increase since 2021.
Software development
fromThe Hacker News
3 months ago

How to Automate CVE and Vulnerability Advisory Response with Tines

Before automation, creating tickets for 45 vulnerabilities took about 150 minutes of work. After automation, the time needed for the same number of tickets dropped to around 60 minutes.
DevOps
#application-security
Information security
fromThe Hacker News
3 months ago

New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk

Most application security alerts are unnecessary, causing more harm than good for organizations.
Application security has become inefficient, with teams overwhelmed by irrelevant alerts.
Improving application security requires a shift from mere detection to meaningful context.
fromDevOps.com
9 months ago
Information security

Legit Security Adds Application Security Rating Scorecards to ASPM Platform - DevOps.com

Information security
fromThe Hacker News
3 months ago

New Research Reveals: 95% of AppSec Fixes Don't Reduce Risk

Most application security alerts are unnecessary, causing more harm than good for organizations.
Application security has become inefficient, with teams overwhelmed by irrelevant alerts.
Improving application security requires a shift from mere detection to meaningful context.
fromDevOps.com
9 months ago
Information security

Legit Security Adds Application Security Rating Scorecards to ASPM Platform - DevOps.com

more#application-security
#devsecops
more#devsecops
#cve-foundation
more#cve-foundation
fromArs Technica
3 months ago

Crucial CVE flaw-tracking database narrowly avoids closure to DHS cuts

CVE's funding was at risk, but CISA has extended the contract to ensure continued operations.
fromTheregister
3 months ago

Homeland Security funding for CVE program expires

The 25-year-old CVE program is vital for vulnerability management, overseeing the organization and assignment of CVE IDs for specific security flaws to ensure clarity in communication.
Information security
fromThe Hacker News
4 months ago

How SSL Misconfigurations Impact Your Attack Surface

SSL certificates play a crucial role in protecting data transmission, but misconfigurations such as expired certificates or weak algorithms create vulnerabilities that increase an organization's attack surface.
Information security
fromITPro
4 months ago

Developers spend 17 hours a week on security - but don't consider it a top priority

Three quarters of developers spend over 17 hours weekly on security tasks, indicating a significant workload despite only 21% prioritizing security in coding.
DevOps
Software development
fromDevOps.com
4 months ago

Google's OSV-Scanner V2: Leveling Up Vulnerability Management for Developers - DevOps.com

Google's OSV-Scanner V2.0 improves vulnerability management with advanced scanning capabilities, catering to a range of programming languages and formats.
Information security
fromSecuritymagazine
4 months ago

Enhance security posture: 4 key approaches to manage vulnerabilities

Cloud native application development increases complexity, raising security risks and challenges in vulnerability management for businesses.
Toronto startup
fromDevOps.com
4 months ago

Aptori Now on Google Cloud Marketplace for AI-Powered Security and Automated Risk Remediation - DevOps.com

Aptori's AI-driven AppSec Platform uses advanced semantic reasoning to enhance application security by identifying and remediating vulnerabilities in real-time.
DevOps
fromDevOps.com
4 months ago

Opus Security Platform Assigns DevSecOps Tasks to AI Agents - DevOps.com

Opus Security launches AI-driven vulnerability management platform to aid DevSecOps teams in identifying and remediating known vulnerabilities.
fromInfoQ
5 months ago

GitLab Introduces Advanced Vulnerability Tracking to Tackle Code Volatility and Double Reporting

GitLab's new feature tackles code volatility and double reporting in vulnerability management by utilizing advanced tracking mechanisms, enhancing both accuracy and efficiency.
DevOps
Information security
fromITPro
5 months ago

86% of enterprise codebases contain open source vulnerabilities

86% of codebases contain open source vulnerabilities, with many classified as high or critical risk.
Organizations must address dependency management to mitigate security risks in software development.
DevOps
fromDevOps.com
5 months ago

Endor Labs Extends Microsoft SCA Alliance to GitHub - DevOps.com

Endor Labs and GitHub's partnership enhances software vulnerability management directly within DevOps workflows.
The integration streamlines the discovery and remediation of vulnerabilities in the development process.
[ Load more ]