IT Security

Squaring the Circle: How to Make Public APIs Private
Many API attacks are effectively zero-day, novel attacks that exploit recent and unique changes to specific APIs. Here's how to stop them ...

Legit Security Adds Sensors to Detect Usage of Gen AI Tools to Write Code
Legit Security updated its ASPM platform with the ability to detect when developers use generative AI tools to write code ...

Survey: Cyberattacks Aimed at Software Supply Chains are Pervasive
A survey found the vast majority of respondents work for organizations that experienced a software supply chain incident in the past 12 months ...

GitGuardian Allies With CyberArk to Better Protect App Secrets
GitGuardian has allied with CyberArk to streamline secrets detection and management by making it easier to share insights ...

OX Security Optimizes DevSecOps to Improve Application Security
OX Security updated its ASPM platform to enable DevSecOps teams to instantly identify applications with vulnerable code ...

Cycode Discloses GitHub Actions Vulnerability in Google Bazel Project
Cycode discovered a command injection vulnerability in the way GitHub Actions updated Google's open source Bazel project ...

Snyk Acquires Helios to Extend Reach of ASPM Platform
With its Helios acquisition, Snyk plans to add an ability to capture application runtime data to extend the capabilities of its ASPM platform ...

5 Security Threats DevOps Teams Should Know
DevOps security (DevSecOps) is about breaking down silos and promoting open collaboration across teams ...

Survey: Widespread Inability to Remediate App Vulnerabilities
A survey found only 20% of IT and security professionals are confident in their ability to detect a vulnerability before an app is released ...

Venafi Adds Ability to Prevent Unauthorized Code From Running
Venafi added an ability to prevent unauthorized code from running in IT environments that make use of its machine identity management platform ...

Mobb Extends DevSecOps Reach of Tool to Generate Patches
Mobb added an ability to instantly surface patches for vulnerabilities at the time when code is being committed during a DevSecOps workflow ...

Legit Security Applies AI to Detect Vulnerable Application Secrets
Legit Security expanded the scope of its ASPM platform to make use of AI to discover vulnerable application secrets more accurately ...

