Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Quantum computers pose a serious threat to security and privacy of the Internet: encrypted communication intercepted today can be decrypted in the future by a sufficiently advanced quantum computer. To counter this store-now/decrypt-later threat, cryptographers have been hard at work over the last decades proposing and vetting post-quantum cryptography (PQC), cryptography that’s designed to withstand attacks of quantum computers.

Back in 2019, OWASP released its first API Top-10 list. It quickly gained widespread acceptance and acknowledgment from the industry about the challenges faced in protecting APIs. Since then, growth in APIs has continued, and the threat landscape also evolved rapidly. OWASP has released an updated API Top 10 2023 with quite a few changes from 2019 to address the changes and provide new insights and recommendations.

For folks who are responsible for threat detection of any kind for their organizations, the cloud can often be a difficult area to approach. At the time of writing, Amazon Web Services contains over two hundred services, while the Azure cloud offers six hundred. Each of these services can generate unique telemetry and each surface can present defenders with a unique attack path to handle. Adding to this complexity is the diversity of cloud workload configurations, as well as varying architecture models.

It’s no secret that Amazon Web Services (AWS) continues to grow by leaps and bounds as organizations modernize their IT infrastructure by migrating apps and workloads to the cloud. And due to the AWS shared responsibility model of cloud security, a deep and broad ecosystem of security vendors has also grown up alongside AWS.

In today’s digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right security solution can be filled with challenges and choices. In this blog post, we’ll dive into the experience of Rob Davies, VP of Engineering and Lead Architect at Revenera, as he navigates the path from identifying the need for enhanced API security to making a decision, implementing the solution, and reaping the benefits.

Let's face it: Managing cybersecurity for multiple clients as an MSP can feel like navigating a maze, full of pitfalls and traps. Just when you think you have one security issue managed, another one pops up.

By now, we’re all painfully aware that AI has become a crucial and inevitable tool for developers to enhance their application development practices. Even if organizations restrict their developers using AI tools, we hear many stories of how they circumvent this through VPNs, and personal accounts.