In Episode 23 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA recap Black Hat 2023 ...
DevSecOps
August 16, 2023
Developers are leveraging a variety of tools, platforms, languages, and services to deliver more sophisticated features and functionality. However, every additional component used to build an application increases the size of the attack surface and the risk of an attack. Threat actors have a greater chance of discovering a vulnerability, misconfiguration, or bug that can serve as a toehold into the environment ...
August 15, 2023
For the last decade, the concept of shifting security left has surged exponentially among practitioners, as the results of this approach are astounding. The ability to deliver secure code faster, reduce vulnerabilities in production, and drive efficiencies across application security and development teams are a clear win for any organization, right? ...
August 14, 2023
The prevalence of team silos and point solutions throughout the DevSecOps lifecycle make it increasingly difficult for development, security, and operational teams to have comprehensive visibility into the threats affecting their cloud environments. In fact, according to a recent Dynatrace study, 77% of chief information security officers (CISOs) say it's a significant challenge to prioritize vulnerabilities because of a lack of information about the risks they pose ...
August 11, 2023
In Episode 22 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the upcoming 90 day expiration of SSL certificates ...
August 09, 2023
Fraud detection, typically seen as a solution outside of cybersecurity, has taken on a new dimension in recent times. Digital fraud has emerged as a significant threat to businesses and individuals alike. APIs play a pivotal role in this landscape, often serving as the gateway for fraudulent activities ... As the sophistication and frequency of digital fraud continue to rise, understanding the connection between API security and fraud has never been more critical ...
August 04, 2023
In Episode 21 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the latest SEC cybersecurity reporting and leadership requirements ...
August 01, 2023
APIs are incredibly important in today's digital landscape. They play a crucial role in enabling communication and interaction between different software applications, systems, and services. Due to the increasing reliance on APIs, they have gradually become the top target for hackers. As such, enterprises are placing more emphasis on API security to protect the integrity of data and services, build trust and confidence, and mitigate future risks ...
July 31, 2023
As the volume, development velocity, and variety of applications and their attack vectors skyrocket, it's time to rethink how we use application hardening. Application hardening, also known as "application shielding" and "in-app protection," protects live applications from reverse engineering and tampering ...
July 28, 2023
In Episode 20 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss Black Hat USA 2023 ...
July 10, 2023
Companies are increasingly embracing the power and agility of cloud-based solutions, with more than 20% of their workloads running in the cloud today, with plans to grow more than 50% in the next 18 months. With this accelerated cloud adoption comes inherent challenges and apprehension, as Check Point's 2023 Cloud Security Report reveals. As a result, 76% of organizations are apprehensive about cloud security, and cloud-based attacks are increasing at an alarming rate ...
June 29, 2023
My colleagues and I at cloud-native application security provider Backslash Security have been fascinated by the fact that dev teams outnumber AppSec teams and the amount of alert noise the latter struggle with on a daily basis. We wanted to dig deeper, so we commissioned a report to find out from US-based AppSec professionals (managers and engineers) themselves how they are faring with these dynamics at play ...
June 29, 2023
In Episode 16 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss Zero Trust and the SME Market ...
June 27, 2023
A recurring narrative is emerging in today's digital landscape, characterized by organizations grappling with managing and safeguarding the growing number of APIs within their ecosystem. At the 2023 RSA Conference, a survey conducted by Traceable brought some troubling facts to the surface about how organizations are handling their API security ...
June 23, 2023
In Episode 15 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss MoveIt Attacks ...
June 16, 2023
In Episode 14 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the role of the CISO ...
June 12, 2023
The White House recently released its National Cybersecurity Strategy ... Here are three tips to align your cybersecurity strategy with the White House guidelines, to avoid any breaches that your organization may be held liable for ...
June 09, 2023
In Episode 13 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss security uses of AI ...
May 26, 2023
In Episode 11 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss GDPR Enforcement ...
May 24, 2023
Truly Shifting Left means embracing a clean-as-you-go approach to software development. It means exactly what you'd think — it enables developers to identify and fix errors in real-time as they create code. When developers are able to clean-as-they-code, they move the security process as early into the software development life cycle (SDLC) as possible — when the code is first being written. You can't shift further left than that ...
May 22, 2023
As organizations increasingly rely on APIs to streamline their operations and drive innovation, the need to securely authenticate across these critical communication channels is more important and complex than ever. The Corsha State of API Secrets Report 2023 highlights the need for better tools, technologies, and tradecraft around API secrets ...
May 19, 2023
In Episode 10 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss 90 day certificates ...
May 16, 2023
The conventional wisdom in security, and mobile app protection in particular, was that consumers care about features, not security. At mobile brands across the globe, a healthy internal debate exists over this dichotomy. Mobile developers say features are more important. Cyber security teams say security is more important. Operations teams serve as the tie breaker, often choosing whatever will get the app out the door the fastest ...
May 05, 2023
In Episode 8 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA provide a wrap-up of the RSA conference ...
May 03, 2023
In Episode 7 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA observe Star Wars Day ...
