Application Security

The VDP platform provides a single website where agencies can intake, triage, and route the vulnerabilities that researc...

Ten years after kicking off its Vulnerability Rewards Program, Google sees another decade of bounties with a focus on sh...

Network operations center managers Bart Stump and Neil Wyler (aka Grifter) again head up the show network, but with a ne...

Attack paths allow adversaries to reliably take control of nearly every Active Directory in the world.

Additional report findings include 64% of survey respondents have delayed an application rollout over API security conce...

Google and other large providers are adopting BIMI, a technology for authenticated branding that could help drive securi...

The new platform brings bug reporting for all Google targets into one place.

The average critical vulnerability took 202 days to fix over the past 12 months, a scarce improvement over 205 days from...

Attackers use uncommon languages — such as Go, D, Nim, and Rust — to evade detection or make their development process m...

The Florida Department of Economic Opportunity says personal information may have been taken from its unemployment benef...

A survey of IT and security professionals also reveals COVID-19 has significantly changed the malware landscape.

The remote management software company will not disclose the source of the decryption key, but at least one company has ...

The MITRE Common Weakness Enumeration (CWE) team's latest list of most dangerous software flaws includes several that sh...

A vast majority of DevOps practitioners say containerization technology provides security, but some companies — especial...

If the federal government is going to have software that performs critical functions, it must take complete ownership, a...