Vulnerability Management

Zero trust isn't a silver bullet, but if implemented well it can help create a much more robust security defense.

The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why everyone is responsible for the security of low-code/no-code applications.

Based on the reaction of a single insect in a swarm, messages are passed along peer to peer, and an entire environment can respond without a central leader processing data and giving orders.

Deepfakes are already several steps ahead of the technology that can detect and warn us about them.

An efficient way to monitor security is to model user behavior using time series data and watching for anomalies.

Criminal groups are ramping up use of IABs to get access to networks without having to deal with the initial reconnaissance and intrusion phases.

The best way to succeed in long-term cybersecurity is to invest in visibility because you can't protect or defend against what you can't see.

The machine learning classifier from Adobe can determine whether system commands are malicious and classify them using a variety of tags useful for security analysts.

New report suggests attacker is targeting trusted supply chain companies in order to compromise large numbers of downstream customers.

ClusterFuzzLite is a stripped-down version of continuous fuzzing tool ClusterFuzz that integrates CI tools.

When the drive for additional visibility and awareness is led by the business rather than just a SOC team, both the business and security can benefit.

Russian-speaking "Void Balaur" group's victims include politicians, dissidents, human rights activists, doctors, and journalists, security vendor discloses at Black Hat Europe 2021.

One size won't fit all as we try to reconcile the need to demonstrate expertise and value with keeping clients and researchers safe.

November security update contains patches for 55 bugs — including six zero-days across various products.

These scripts and commands provide short-term fixes for blocking the Trojan Source attack that abuses Unicode to inject malicious backdoors int source code.