Recent high-profile breaches resulting from API attacks are "just the tip of the iceberg," said Gartner analyst Dionisio Zumerle. "What we have is a new way of exchanging information which is increasingly popular, and almost no organization has the recipe to secure that new way of communicating."
A now-patched bug that caused OpenAI to take down the ChatGPT chatbot for nine hours on Monday also revealed the last four digits of payment cards, the company disclosed Friday. One user said he saw the history of another account including the topics "phobia of rats" and "sexist music video clips."
In the 21-month stretch from October 2020 to June 2022, a whopping 48 cybersecurity startups received 10-figure valuations as investors evaluated prospects on potential rather than performance. Now that the financial boom has gone bust, what happens to these unicorns from a different economic era?
With application GRC more critical than ever in today's dynamic, dispersed environment, what are the critical capabilities needed in a solution? Keri Bowman of Saviynt offers six recommendations, including risk reporting and out-of-the-box rule sets and compliance management.
In a video interview with Information...
Wiz has become the most valuable venture-backed cybersecurity vendor in the world, raising $300 million on a $10 billion valuation just three years after its founding. The New York-based startup will use the Series D proceeds to guard more complex cloud environments and fulfill robust global demand.
The adoption of new technologies, multi-cloud architectures and multiple data storage sites has resulted in data residing in more places than ever before. That's why enterprises need a single pane of glass to know who's touching their data and why, says Imperva CEO Pam Murphy.
Zscaler has agreed to purchase a startup established by a former Proofpoint executive to help organizations thwart SaaS supply chain attacks. The proposed acquisition of Tel Aviv, Israel-based Canonic Security will help customers streamline SaaS application governance and enforcement.
Banking Trojans, ransomware, fake finance apps programmed to steal data - the cybercriminal cartels have become more punitive in 2023, escalating destructive attacks on financial institutions. This is just one key finding of the annual Cyber Bank Heists report by Contrast Security's Tom Kellermann.
As the massive ESXiArgs ransomware campaign continues to target unpatched VMware ESXi hypervisors, cybersecurity experts have released a script that can decrypt at least some affected virtual machines. Ransomware trackers count at least 2,803 victims, primarily in France, the U.S. and Germany.
APIs represent the best and worst of times - "massive amounts of business value, but massive amounts of unmitigated risk," says Richard Bird, CSO, Traceable AI. In the past year, misconfigured or error-prone APIs resulted in high-profile breaches at Twitter and T-Mobile. He sees more on the horizon.
Organizations have struggled to understand why APIs are so strategic even though they're an intrinsic way businesses interface with their software, according to Checkmarx CEO Emmanuel Benzaquen. He says API abuse is slated to become one of the most common types of web application data breaches.
Today’s enterprises are facing tremendous pressure to modernize so they can unlock their capacity for better, more profitable customer experiences.
They’re being challenged to adapt their foundational revenue-generating, client-facing business processes to fully seize the potential of the moment. With the...
U.S. federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.
The nearly $200 million it raised in December will allow Snyk to consolidate the developer security market through organic investment and M&A, says CEO Peter McKay. Snyk has focused on bringing open-source security, container security, infrastructure- as-code security and cloud security together.
Passwords are a major security flaw, yet still remain a staple of most enterprises. KuppingerCole Analysts provide insight on going passwordless for your Zero Trust initiatives.
Read “A Passwordless Future Begins with Credential Management” for insight on:
Improving your organization's security posture...