Application and platform security

Applications and platform security is the basis of preventing vulnerabilities and attacks. Learn the latest about applications attacks, secure software development, patch management, OS security, virtualization, open source security, API security, web app and server security and more.

May 26, 2022 26 May'22
Twitter fined $150M for misusing 2FA data

The DOJ and FTC said the social media company misused consumers' personal data for advertisement purposes, from which it gained benefit.
May 24, 2022 24 May'22
Developers targeted by poisoned Python library

A developer's expired domain led to a threat actor taking control of an open source library and poisoning it with malware that could steal private keys for AWS instances.
May 19, 2022 19 May'22
VMware vulnerabilities under attack, CISA urges action

Administrators are grappling with four VMware vulnerabilities -- two older flaws that are under active exploitation and two new bugs that CISA believes will be exploited soon.
May 05, 2022 05 May'22
Hackers exploit vulnerable Adminer for AWS database thefts

Mandiant researchers spotted a threat group using an exploit for older versions of Adminer to get their hands on metadata that included secret keys for AWS accounts.

Bring yourself up to speed with our introductory content

Patch Tuesday

Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system (OS) and other Microsoft software. Continue Reading
Windows Server 2022 security hardening guide for admins

Emerging threats continue to target the Windows ecosystem, but there are multiple methods to make it tougher to be the victim of a malicious hack attempt. Continue Reading
content filtering

Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Top 4 source code security best practices

Software supply chain attacks are on the rise. Follow these source code best practices to protect both in-house and third-party code. Continue Reading
Apple, Microsoft, Google expand FIDO2 passwordless support

Achieving true passwordless experiences begins with companies working together to adopt standards that enable customers to use multiple devices seamlessly, regardless of OS. Continue Reading
How micropatching could help close the security update gap

Countless known but unpatched vulnerabilities pose significant, ongoing risk to the typical enterprise. Learn how micropatching could help close the security update gap. Continue Reading

Learn to apply best practices and optimize your operations.

5 fundamental strategies for REST API authentication

There are various authentication methods for REST APIs, ranging from basic credentials and token encryption to complex, multilayered access control and permissions validation. Continue Reading
5 reasons software updates are important

When it's time to update your software programs, don't delay. Updates can prevent security issues and improve compatibility and program features. Continue Reading
Query event logs with PowerShell to find malicious activity

Every action on a Windows Server system gets recorded, so don't get caught by an avoidable security incident. Learn how to find potential security problems in event logs. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Use microsegmentation to mitigate lateral attacks

Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
Protect APIs against attacks with this security testing guide

API security cannot be overlooked. Learn how security testing can detect API vulnerabilities and weaknesses before attackers can take advantage of them. Continue Reading
How to mitigate Log4Shell, the Log4j vulnerability

The easy-to-exploit Log4j vulnerability known as Log4Shell is dangerous and must be dealt with as soon as possible. Get pointers on how to mitigate and monitor the threat. Continue Reading