Americas

  • United States

Asia

Europe

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

HomeApplication Security

Application Security

Application Security | News, how-tos, features, reviews, and videos

Jump to
Latest Articles Events Resources Podcasts
news analysis
Image

Python GitHub token leak shows binary files can burn developers too

Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub.

By Lucian Constantin
Jul 11, 20245 mins
DevSecOpsApplication SecuritySoftware Development
feature
Image

The CSO guide to top security conferences

By CSO Staff
Jun 28, 202410 mins
Technology IndustryIT SkillsEvents
feature
Image

Whitelisting explained: How it works and where it fits in a security program

By Josh Fruhlinger and CSO Staff
Jun 07, 202410 mins
Email SecurityApplication SecurityData and Information Security
news

Over half of government applications have unpatched flaws older than a year

By Lucian Constantin
May 30, 20246 mins
Government ITApplication SecurityVulnerabilities
news

Cycode rolls out ASPM connector marketplace, analysts see it as bare minimum

By Evan Schuman
May 16, 20244 mins
Application Security
news

Equipped with AI tools, hackers make apps riskier than ever

By Shweta Sharma
May 14, 20244 mins
Application Security
news

Google, Meta, Spotify accused of flouting Apple’s device fingerprinting rules

By Gyana Swain
May 08, 20247 mins
Mobile SecurityApplication Security
news analysis

Kinsing crypto mining campaign targets 75 cloud-native applications

By Lucian Constantin
May 08, 20246 mins
CryptocurrencyMalwareApplication Security
news

SAP users are at high risk as hackers exploit application vulnerabilities

By Shweta Sharma
Apr 17, 20244 mins
Application SecurityVulnerabilities

Articles

feature

Where in the world is your AI? Identify and secure AI across a hybrid environment

As AI becomes integral to systems brought into the enterprise ecosystem it is increasingly critical for security teams to know where it is and reduce its risks.

By Deb Radcliff
Apr 17, 2024 9 mins
Application SecurityCloud SecurityNetwork Security
feature

What is identity fabric immunity? Abstracting identity for better security

CISOs struggling to manage a diverse and complex identity access management infrastructure should start thinking about identity fabric immunity.

By Matthew Tyson
Apr 03, 2024 11 mins
CSO and CISOApplication SecurityIdentity and Access Management
news analysis

Software supply chain attack impacts repo of large Discord bot community

The incident shows the snowball effect a single malicious package can have on the open-source development ecosystem.

By Lucian Constantin
Mar 27, 2024 6 mins
DevSecOpsMalwareSupply Chain
feature

Teams, Slack, and GitHub, oh my! – How collaborative tools can create a security nightmare

Some of today’s most popular and useful information-sharing platforms can leave a lot to be desired from a security standpoint. Here are some of the issues and how to mitigate them.

By Susan Bradley
Mar 19, 2024 7 mins
Windows SecurityApplication SecurityCloud Security
news analysis

New Kubernetes vulnerability allows privilege escalation in Windows

Attackers can abuse YAML configuration files to execute malicious commands in Windows hosts.

By Lucian Constantin
Mar 13, 2024 6 mins
DevSecOpsApplication SecurityVulnerabilities
news

Tool sprawl is hurting application security, US CSOs say

Security teams are managing many independent security tools and are able to fully review only half of major code changes, a new survey has found.

By Shweta Sharma
Feb 13, 2024 5 mins
Application Security
feature

How to strengthen your Kubernetes defenses

Kubernetes-focused attacks are on the rise. Here is an overview of the current threats and best practices for securing your clusters.

By David Strom
Feb 13, 2024 8 mins
DevSecOpsApplication SecurityIdentity and Access Management
news analysis

Deprecated npm packages that appear active present open-source risk

A significant percentage of the 50,000 most-downloaded npm packages are deprecated or have a deprecated dependency but provide no warning.

By Lucian Constantin
Jan 19, 2024 5 mins
DevSecOpsApplication SecurityOpen Source
feature

The OWASP AI Exchange: an open-source cybersecurity guide to AI components

This open-source collaborative effort to share global AI security standards, regulations, and knowledge aims to mitigate risk and boost AI cybersecurity for all.

By Chris Hughes
Jan 16, 2024 9 mins
DevSecOpsApplication SecuritySecurity Practices
feature

Understanding the NSA’s latest guidance on managing OSS and SBOMs

Open-source software is ever vulnerable to malicious actors, but software bills of material can help mitigate the threat. NSA guidance sets a solid foundation for managing the ecosystem.

By Chris Hughes
Dec 25, 2023 9 mins
Application SecurityOpen SourceSecurity Practices
news analysis

Atlassian patches critical remote code execution vulnerabilities in multiple products

The company also releases advisories for high-severity data leaks and denial-of-service issues across multiple products, including Jira and Confluence.

By Lucian Constantin
Dec 12, 2023 6 mins
DDoSApplication SecurityVulnerabilities
news

Snyk unveils new ASPM offering to help DevSecOps manage cloud application risks

Snyk AppRisk provides an ASPM workbench for the developers and security teams to discover assets, and analyze business and security context to quantify risks.

By Shweta Sharma
Dec 12, 2023 3 mins
Application Security
View all

Resources

whitepaper

2023 Comcast Business Cybersecurity Threat Report

The 2023 Comcast Business Cybersecurity Threat Report was developed to help IT leaders glean a deeper understanding of trends in cybersecurity threats—and the steps they can take to help protect their organizations from an evolving set of threats.

The post 2023 Comcast Business Cybersecurity Threat Report appeared first on Whitepaper Repository –.

By Comcast Business
08 Jul 2024
Application SecurityBusiness OperationsData and Information Security
Image
whitepaper

2023 Comcast Business Cybersecurity Threat Report

By Comcast Business
24 Jun 2024
Application SecurityBusiness OperationsData and Information Security
Image
whitepaper

2023 Comcast Business Cybersecurity Threat Report

By Comcast Business
24 Jun 2024
Application SecurityBusiness OperationsData and Information Security
Image
View all

Podcasts

Image
podcastsSponsored by Veracode

A Hard Look at Software Security

In Season 2 of our podcast series, we’ll discuss the implications and mandates generated by Veracode’s most recent State of Software Security report. Our industry experts will pick up from Season 1’s highlights to take a closer look at application security today. Listeners will learn more about: The impact security debt is having across industries The changing attitudes and priorities put around application security How the average number of days to fix software flaws has almost tripled since the last report The case for scanning early and often

0 episode
Application Security

Video on demand

video

What’s ahead for cybersecurity in 2019: TECH(talk)

J.M. Porup, senior writer at CSO online, joins Juliet on this week’s episode of TECH(talk) to discuss trends in ransomware, IoT security and enterprise cybersecurity roles.

Feb 01, 2019 25 mins
RansomwareTechnology IndustryCyberattacks
See all videos

Explore a topic

Show me more

news

AT&T confirms arrest in data breach of more than 110 million customers

By Evan Schuman
Jul 12, 20246 mins
Data BreachCyberattacksPrivacy
Image
news

Mobile surveillance software firm mSpy suffers data breach

By John Leyden
Jul 12, 20244 mins
Data BreachPrivacy
Image
news

Known SSH-Snake bites more victims with multiple OSS exploitation

By Shweta Sharma
Jul 12, 20243 mins
MalwareOpen Source
Image
podcast

CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands

Jul 08, 202418 mins
CSO and CISO
Image
podcast

CSO Executive Sessions: Data protection in Malaysia

Jul 02, 202415 mins
CSO and CISO
Image
podcast

CSO Executive Session India with Mrinal Kanti Roy, CISO, Cairn Oil and Gas

Jul 01, 202416 mins
CSO and CISO
Image
video

Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience

Jul 10, 202424 mins
CSO and CISO
Image
video

CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands

Jul 08, 202418 mins
CSO and CISO
Image
video

CSO Executive Sessions: Data protection in Malaysia

Jul 02, 202415 mins
CSO and CISO
Image