Scheduling Vulnerability Scans & Pentests with Astra
This video talks about how you can seamlessly schedule vulnerability scans using Astra.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Top 7 AWS Vulnerability Scanners in 2023
Being one of the world’s largest cloud platforms comes with its own set of challenges. In the case of AWS, the major challenge is maintaining their platform’s security.
CVE-2023-33009 and CVE-2023-33010: Multiple Critical Unauthenticated RCE Vulnerabilities in Zyxel Firewalls
On Wednesday, the 24th of May, 2023, Zyxel released a security advisory for several vulnerabilities capable of granting unauthenticated remote code execution (RCE) in their line of Firewall and VPN products, tracked as CVE-2023-33009 and CVE-2023-33010. These buffer overflow vulnerabilities are also capable of inducing denial of service conditions.
Top 8 penetration testing tools
Penetration testing is crucial to ensuring a resilient security posture within an organization. It simulates an attack on the system, application, or network to discover vulnerabilities before hackers do. Developers often use penetration testing to verify that applications’ internal resources are safe from unauthorized access. In this situation, the tester or ethical hacker serves as a malicious actor. They gather as much information about the system as possible to find exploitable weaknesses.
Cloud Vulnerability Management by Elastic
In Q4 of 2022 there were more than 6,000 new CVE Records published. This begs the question: how susceptible are you to the latest vulnerabilities? Learn how one of Elastic’s new capabilities: cloud security posture management can help you modernize your cloud security operations.
Track Risk Trends in your Container Images with Sysdig Risk-based Vulnerability Management
The number of detected common vulnerabilities and exposures (CVEs) has significantly increased in the past decade. In the last five years, security researchers reported over 100,000 new CVEs. The highest reported annual figure was in 2022, with over 25,000 new CVEs. This number can overwhelm any security team if it’s not managed correctly between assessment, reporting, remediation, and monitoring.
June Update: The Escalation of the PaperCut Vulnerability Campaign
Over the past two months, the Cyberint research team has witnessed an extensive campaign in which threat actors are actively exploiting the recently discovered vulnerability in the PaperCut print management platform. The Cyberint research team has identified a significant trend in relation to these recent attacks and associated incidents linked to this vulnerability.
Mend CLI - Container Image Scanning
You can scan a container image with the Mend CLI to check for security vulnerabilities and secrets, and view them as a formatted table directly in the CLI or within the user interface. This video is an overview of how to use the Mend CLI to scan your container images using a pipeline.
Data loss prevention for developers
A security violation in the form of a data breach can create costly damage to a company's reputation. But what exactly is a data breach? The European Commission has divided data breaches into three distinct categories — confidentiality breaches, integrity breaches, and availability breaches: In this article, you'll learn more about what a data breach is and how you can prevent data breaches when designing and developing your software.
Snyk named a Leader in 2023 Gartner Magic Quadrant for Application Security Testing
We’re thrilled to announce that Snyk has been named a Leader in the 2023 Gartner Magic Quadrant for Application Security Testing! Snyk was named in the Magic Quadrant for Application Security Testing (AST), for the first time, as a Visionary in 2021. And today, we’re excited and honored to announce that Gartner has recognized us in the Leaders Quadrant in the 2023 Magic Quadrant report.