Application and platform security

Applications and platform security is the basis of preventing vulnerabilities and attacks. Learn the latest about applications attacks, secure software development, patch management, OS security, virtualization, open source security, API security, web app and server security and more.

May 19, 2022 19 May'22
VMware vulnerabilities under attack, CISA urges action

Administrators are grappling with four VMware vulnerabilities -- two older flaws that are under active exploitation and two new bugs that CISA believes will be exploited soon.
May 05, 2022 05 May'22
Hackers exploit vulnerable Adminer for AWS database thefts

Mandiant researchers spotted a threat group using an exploit for older versions of Adminer to get their hands on metadata that included secret keys for AWS accounts.
May 05, 2022 05 May'22
Google cloud misconfiguration poses risk to customers

Cloud security vendor Mitiga discovered 'dangerous functionality' in the Google Cloud Platform that could allow attackers to compromise virtual machines.
April 28, 2022 28 Apr'22
Phishing attacks benefiting from shady SEO practices

Cybercriminals running phishing operations are now making use of SEO specialists that break Google's rules to get themselves placed above legitimate search results to lure victims.

Bring yourself up to speed with our introductory content

Patch Tuesday

Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system (OS) and other Microsoft software. Continue Reading
Windows Server 2022 security hardening guide for admins

Emerging threats continue to target the Windows ecosystem, but there are multiple methods to make it tougher to be the victim of a malicious hack attempt. Continue Reading
content filtering

Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

How micropatching could help close the security update gap

Countless known but unpatched vulnerabilities pose significant, ongoing risk to the typical enterprise. Learn how micropatching could help close the security update gap. Continue Reading
Case study: Scaling DevSecOps at Comcast

Comcast's DevSecOps transformation started small but quickly gained steam, resulting in 85% fewer security incidents in production. Learn more in this case study. Continue Reading
The top secure software development frameworks

Keeping security top of mind when developing software is paramount. Learn how to incorporate security into the SDLC with the top secure software development frameworks. Continue Reading

Learn to apply best practices and optimize your operations.

5 reasons software updates are important

When it's time to update your software programs, don't delay. Updates can prevent security issues and improve compatibility and program features. Continue Reading
Query event logs with PowerShell to find malicious activity

Every action on a Windows Server system gets recorded, so don't get caught by an avoidable security incident. Learn how to find potential security problems in event logs. Continue Reading
Is cloud critical infrastructure? Prep now for provider outages

The cloud has quickly become critical infrastructure to many organizations. Learn about the top cloud provider outages, and discover tips on preventing disruption during downtime. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Use microsegmentation to mitigate lateral attacks

Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
Protect APIs against attacks with this security testing guide

API security cannot be overlooked. Learn how security testing can detect API vulnerabilities and weaknesses before attackers can take advantage of them. Continue Reading
How to mitigate Log4Shell, the Log4j vulnerability

The easy-to-exploit Log4j vulnerability known as Log4Shell is dangerous and must be dealt with as soon as possible. Get pointers on how to mitigate and monitor the threat. Continue Reading