Did you know that public exploits for business applications have increased 100 percent since 2015?Today, over 77 percent of the world's transactional revenue touches an ERP system, making these applications an attractive target for cyber criminals looking to profit from the highly-sensitive and regulated data that...
Containerization introduces new processes that move code through the software development pipeline at an accelerated pace and with greater flexibility (or, less oversight).
This eBook explains how DevSecOps can deliver context-aware security while automating the entire image-to-production process, allowing...
A critical part of any security infrastructure is providing the capacity to secure containerized applications across any platform, orchestrator, or cloud.
This Container Security Guide provides visual, easy-to-digest diagrams that show how to:
Ensure images are free from known vulnerabilities, secrets and...
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.
Organizations and their applications are under attack from automated bots and bad actors. And many of these attacks are undetectable by conventional security technologies. How can organizations detect and prevent this activity? Carl Gustas of Cequence Security shares insights.
The latest edition of the ISMG Security Report analyzes the "blame game" in the wake of a ransomware attack against the city of Baltimore. Also featured: Discussions of cyberthreats in the financial services sector and open source security concerns.
Infosecurity Europe returns to London June 4-6, featuring more than 230 sessions over three days covering a range of topics, including application security, automation, data protection, risk management, incident response and threat analysis. Here's a preview of 11 hot sessions.
On the sixth stop of a multi-city tour, ISMG and Sonatype visited San Francisco for an engaging discussion on how to mitigate risks introduced by open source software. Sonatype CMO Matt Howard discusses the relevance and value of this application security conversation.
A security researcher has discovered a way to skirt around Apple's Gatekeeper security feature, which could be leveraged to trick people into downloading a malicious application. It's unclear when Apple may fix the issue.
The web, mobile, and API-based applications that power your digitally-connected organization are under attack by malicious automated bots and bad actors. Unfortunately, many of these attacks are undetectable by traditional security technologies. So how bad is the problem, and what can do you to protect yourself? ...
Migrating from on-premises data security to the cloud and then embedding security in the application development process are common challenges for enterprises. Dan Fitzgerald, a CISO at the consultancy McKinsey & Co., shares insights on how to make these transitions.