Lucene search
K

1393 matches found

Imperva Blog
Imperva Blog
added 2023/01/16 8:0 a.m.10 views

Is the FSI innovation rush leaving your data and application security controls behind?

Fuelled by rising consumer expectations for innovative services and easy real-time access to financial products and information, financial services industries FSI and fintech organizations are racing to out-innovate each other and capture market share. The sizeable growth of investments into the...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/05 9:12 a.m.27 views

CircleCI Urges Customers to Rotate Secrets Following Security Incident

DevOps platform CircleCI on Wednesday urged its customers to rotate all their secrets following an unspecified security incident. The company said an investigation is currently ongoing, but emphasized that "there are no unauthorized actors active in our systems." Additional details are expected t...

1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/12/07 9:0 a.m.21 views

2023 Predictions: API Security the new Battle Ground in Cybersecurity

The adoption of application programming interfaces, more commonly known as APIs, has increased dramatically in recent years. In many ways, APIs are now the backbone of the Internet. The reason? APIs are an essential component of digital transformation, enabling applications, containers, and...

Exploits0
The Hacker News
The Hacker News
added 2022/12/01 11:13 a.m.28 views

What Developers Need to Fight the Battle Against Common Vulnerabilities

Today's threat landscape is constantly evolving, and now more than ever, organizations and businesses in every sector have a critical need to consistently produce and maintain secure software. While some verticals - like the finance industry, for example - have been subject to regulatory and...

8.1AI score
Exploits0
CNVD
CNVD
added 2022/12/01 12:0 a.m.16 views

Chocolatey Azure Pipelines Agent Privilege Design Vulnerability

Chocolatey can handle various types of installation packages.Azure Pipelines Agent Also known as Azure Pipelines Agent, it is mainly used to generate code or deploy software in the Devops process. A privilege design vulnerability exists in the Chocolatey Azure Pipelines Agent package v2.211.1 and...

4.3CVSS4.9AI score0.00353EPSS
Exploits0References1
Imperva Blog
Imperva Blog
added 2022/11/18 11:48 a.m.21 views

How DevOps can protect cloud applications from cyberattacks

Many organizations today are moving away from centralized on-prem operations and towards highly scalable cloud solutions such as Amazon’s AWS Lambda functionality. This provides cost-saving benefits and reduces the overall management of an enterprise tech stack. Cloud computing architecture also...

1.5AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/11/17 3:56 p.m.19 views

Rapid7 and HashiCorp Partner to Secure Terraform-based Cloud Infrastructure Deployments

Welcome to the latest installment in our cloud security “shift-left” blog series. In our last post, we covered the importance of integrating cloud infrastructure security assessments into DevOps tools and enabling Infrastructure as Code IaC developers. This time, we’re focusing on Rapid7’s recent...

Exploits0
Wallarm Lab
Wallarm Lab
added 2022/11/10 1:0 p.m.23 views

Q3-2022 API ThreatStats™ Report

The latest quarterly review and analysis of API vulnerabilities and exploits is in. Our initial take had us thinking it was smooth sailing for the state of API vulnerabilities in Q3—or was it just a lull in the storm? As it turns out, it’s neither. Read on to learn more about Wallarm’s analysis o...

7.6AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/10/21 12:0 a.m.15 views

Infographic: How CNAPP Consolidate Cybersecurity Tools

A cloud-native application protection platform CNAPP consolidates your security tools, helping development, DevOps, cloud, and security teams sort each piece and see the big picture...

1.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/12 4:0 p.m.17 views

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

7.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/12 4:0 p.m.21 views

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less

Protecting your business against growing security threats is a huge priority. Companies of all sizes have increased their spending on cybersecurity solutions to protect their operations over the last year. User spending for the information security and risk management market will grow to USD169.2...

7.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/12 4:0 p.m.12 views

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

7.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/12 4:0 p.m.12 views

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

7.7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/10/12 4:0 p.m.10 views

5 cybersecurity capabilities announced at Microsoft Ignite 2022 to help you secure more with less

Protecting your business against growing security threats is a huge priority. Companies of all sizes have increased their spending on cybersecurity solutions to protect their operations over the last year. User spending for the information security and risk management market will grow to USD169.2...

7.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/10/12 4:0 p.m.12 views

Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections

Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...

7.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/09/30 12:0 a.m.8 views

Common Cloud-Native Security Misconfigurations & Fixes

Cloud configuration errors are a major concern for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them...

4.5AI score
Exploits0
CNVD
CNVD
added 2022/09/30 12:0 a.m.27 views

Bytebase licensing issue vulnerability

Bytebase is Bytebase's open source web-based, zero-configuration, dependency-free database schema change and version control management tool for DevOps teams. projects", which can be exploited by an attacker to view "projects" created by "Admin"...

4.3CVSS2.8AI score0.00537EPSS
Exploits1References1
Imperva Blog
Imperva Blog
added 2022/09/13 11:26 a.m.17 views

Three Keys to Securing Shadow Data

What is shadow data? Shadow data is any data contained anywhere in your entire data repository that is not visible to the tools you use to monitor and log data access. Shadow data may include: Customer data that DevOps teams copied into an unknown database to test applications they are developing...

6.2AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/09/09 2:33 p.m.23 views

Integrating Cloud Security With DevOps and CI/CD Tools

This is the latest post in our blog series on shifting left in cloud security. In our last post, we kicked off the series with a high-level overview about Rapid7’s approach to shifting cloud security into the application development lifecycle. For this post, we’ll dive into a key aspect of our...

0.4AI score
Exploits0
Snyk
Snyk
added 2022/09/08 11:24 a.m.1 views

Malicious Package

Overview nlu-devops-common is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

9.8CVSS7.1AI score
Exploits0References3
Rows per page
Query Builder