The push to migrate applications to cloud-native architectures has driven increased use of containers and created the need for more security, says Veracode CEO Sam King. Veracode's expertise in application security helps the company identify open-source code and known vulnerabilities in containers.
This edition of the ISMG Security Report discusses how Australian health insurer Medibank is facing stark consequences for not paying a ransom to a group of cyber extortionists, how to limit unnecessary cybersecurity exposure during M&A, and how to manage challenges in hybrid environments.
Sonatype’s eighth annual State of the Software Supply Chain Report blends a broad set of public and proprietary data and analysis, including dependency update patterns for more than 131 billion Maven Central downloads and thousands of open source projects, survey results from 662 engineering professionals, and the...
A startup that was reportedly almost acquired by Palo Alto Networks for $600 million has instead raised $100 million to forge ahead on its own. App security vendor Apiiro plans to use the proceeds to strengthen its ability to analyze code and developer activities across the software supply chain.
Organizations expect the IT security landscape to be consistent - from builds and hardware to operating systems - but for product security, everything Honeywell makes is a snowflake with flexible, highly tailored design across many technologies, says Honeywell Product Security Chief James DeLuccia.
Software as a service - it's the new shadow IT, says Phyllis Woodruff of Global Payments. And it highlights the new challenges arising for security leaders overseeing their organizations' cloud migrations. She discusses how to make cloud "bulletproof" for business teams.
Snyk has made another round of layoffs, axing 14% of its workforce including cloud security leader Aner Mazur and top legal officer Karyn Smith. The company will reduce its more than 1,400-person staff by 198 employees less than four months after laying off 30 people.
Since web applications and APIs are everywhere and easily probed for weaknesses, they remain the top hacking vector accounting for roughly 70% of security incidents, according to Verizon’s 2022 Data Breach Investigations Report. Hence, it is absolutely crucial for organizations to have a comprehensive solution to...
The shift to the cloud, use of multi-cloud and on-premises environments, and the adoption of DevOps are the key factors making application security more difficult. However, a successful cyberattack can cause major damage to your business. It can affect your customer trust, employee morale, business reputation, and the...
In the latest weekly update, ISMG editors discuss the implications of the former Uber CSO's guilty verdict for the rest of the industry, the growing problem of keyless car theft, and the latest progress toward a passwordless future revealed at the annual FIDO Alliance conference.
Palo Alto Networks has scaled back its M&A ambitions, walking away from a $600 million deal for Apiiro in favor of buying Cider Security for $200 million. Palo Alto says it abandoned the negotiations over irreconcilable differences in the valuation of Apiiro's code risk platform business.
Immersive Labs completed a funding round just weeks after laying off 10% of its workforce to cover more developer languages and safeguard Azure and Google Cloud. The Ten Eleven Ventures-led funding will help Immersive Labs expand its coverage from frontline cybersecurity staff to development teams.
In this episode of "Cybersecurity Unplugged," as the use of Kubernetes and cloud containers over traditional forms of storage continues to increase, Nikki Robinson of IBM discusses the benefits of breaking down "complicated environments into something that's tangible and easy to manage."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
