The idea of embedding security into DevOps isn't new, and it's fair to say it's never been fully realized, but API security presents a particular challenge for DevOps that requires consideration ... Wallarm recently completed our annual API ThreatStats report for 2025. The findings reveal a sharp increase in both AI and API-related vulnerabilities ...
In Episode 96 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss how tribal knowledge is lost during changes in leadership, as well as an update on DeepSeek AI ...
The NetRise Software Supply Chain Visibility & Risk Study, Edition 2 analyzed 70 randomly selected container images from 250 of the most commonly downloaded images on Docker Hub uncovering the hidden risks within this containerized software. This analysis offers a sobering look at the vulnerabilities and complexities DevOps teams must contend with. This blog looks at the study's findings, providing insights and practical advice to better secure containers and strengthen software supply chains ...
Linux Foundation Europe and OpenSSF announced a global joint-initiative to help prepare maintainers, manufacturers, and open source stewards for the implementation of the EU Cyber Resilience Act (CRA) and future cybersecurity legislation targeting jurisdictions around the world.
In Episode 95 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the changes the new Presidential administration will bring, as well as the latest news about DeepSeek AI ...
Service-oriented architecture has revolutionized the way we build and deploy modern applications, offering unprecedented levels of flexibility and scalability. As applications are increasingly distributed and interconnected, the number of potential points of vulnerability multiplies. Traditional authentication methods, once sufficient for monolithic applications, are now struggling to keep pace. Once a relatively straightforward concern, authentication now demands a more sophisticated approach using strategies like Mutual TLS (mTLS), a powerful and increasingly indispensable security protocol ...
As we move into 2025, the role of APIs in dictating technological advancements across industries continues to grow ... Among these, open banking is emerging as a cornerstone, bringing unique challenges and opportunities. Here are five key API development trends to watch in the coming year for open banking and beyond ...
In Episode 94 of the Cybersecurity Awesomeness Podcast, Jason Garbis from Numberline Security joins Chris Steffen and Ken Buckler from EMA to discuss the Zero Trust Maturity Model ...
With an alarming 44% increase in global cyber attacks year-over-year, the The State of Global Cyber Security 2025(link is external) from Check Point Software Technologies unveils new cyber trends, emerging threat actor tactics, and actionable CISO guidance for navigating this changing landscape unscathed ...
The explosion of open source software consumption, combined with the increasing backlog of critical vulnerabilities and the rise of outside threats, paints an alarming picture of the current state of software supply chain security ...
In Episode 93 of the Cybersecurity Awesomeness Podcast, Steve Guilford from AsterionDB joins Chris Steffen and Ken Buckler from EMA to reimagine the way we store files to be more secure (and useable) ...
If you're building in the cloud, you're building with APIs. And if you're building with APIs, you need to be thinking about API gateways. In today's interconnected digital landscape, APIs serve as the crucial bridges that facilitate communication and data exchange between various software applications and services. As organizations increasingly adopt cloud-native architectures and microservices, the number and complexity of APIs continue to grow, creating a new set of security challenges. This is where API gateways step in, offering a powerful solution to manage and secure the API ecosystem ...
In Episode 92 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler discuss the 2025 priorities laid out by the CISA and DHS ...
DevSecOps experts offer thoughtful, insightful, and often controversial predictions on how DevSecOps and related risks and tools will evolve in 2025. Part 4, the final installment of DevSecOps predictions, covers DevSecOps solutions ...
DevSecOps experts offer thoughtful, insightful, and often controversial predictions on how DevSecOps and related risks and tools will evolve in 2025. Part 3 covers AI security risks ...
DevSecOps experts offer thoughtful, insightful, and often controversial predictions on how DevSecOps and related risks and tools will evolve in 2025. Part 2 covers application security risks ...
DevSecOps experts offer predictions on how DevSecOps and related risks and tools will evolve in 2025 ...
In Episode 91 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler present 2025 cybersecurity predictions and trends ...
In Episode 90 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA recap 2024 cybersecurity and technology events ...
In Episode 89 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the data generated by free applications and how technological advances are impacting individual privacy ...
Amid growing pressure to enhance productivity and maintain a competitive edge, organizations are streamlining their application development processes. While increasingly integrating DevSecOps and Generative AI (GenAI) into their workflows, development teams must align to safeguard against application security threats and manage risks effectively ...
I've loved witnessing CISA's Secure-By-Design (SBD) movement gain momentum worldwide, as the United States, Australia, New Zealand, Canada, Singapore, Japan, Germany, and the UK commit to integrating similar guidelines and expectations into their respective cybersecurity strategies — with many of these nations also contributing to the original US recommendations.
In Episode 88 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the ransomware attacks going on at Starbucks through Blue Yonder ...
As we approach 2025, the cyber security landscape will be shaped by the rise of AI-powered attacks, the looming threat of quantum computing, and the growing vulnerability of social media platforms. Part 2 continues the predictions ...
As we move into 2025, the cyber security landscape will become more complex, with new challenges emerging as rapidly as the technologies that drive them. From artificial intelligence (AI)-enhanced malware to looming quantum computing threats, the forecast from Check Point Software Technologies highlights the trends that organizations must prepare for to stay secure in this evolving digital environment ...
