Vulnerability Mismanagement: Why Patch Faster, Fix Faster Is a Broken Model
Eric Goldstein, the executive assistant director for cybersecurity at the US government’s Cybersecurity and Infrastructure Security Agency (CISA), recently said...
The recent decision by the US Securities & Exchange Commission to require companies to report on cybersecurity risk and “material”...
When an analyst investigates an alert, whether it’s a risk that might lead to a problem or a potential threat...
October is National Cybersecurity Awareness Month, which is focused on teaching individuals steps they can take to protect themselves online....
On September 11th, 2023, Google published an update for Chrome that fixed CVE-2023-4863, “Heap Buffer Overflow Vulnerability in WebP.” Firefox...
For security teams, the benefits of integrating security scanning and policy enforcement into CI/CD pipelines are obvious. The more we...
Earlier this year, I had the pleasure of speaking with Caroline Wong from Cobalt and Jason Lane from Snyk on...
The fundamental principle of scanning artifacts at build time is, if I can fix a security issue before it’s ever...
The idea of Infrastructure as Code (IaC), or defining how servers and other infrastructure components are built by writing out...