Category: Help Net Security

Semgrep announced Semgrep Assistant, a tool that uses Artificial Intelligence (AI) to drive efficiencies and uncover insights across all phases of an AppSec program, from rule creation to remediation. Semgrep is a static code analysis tool that alerts users about…

Read more →

Apiiro has announced a product integration and partnership with Secure Code Warrior to extend its ASPM technology and processes to the people layer. The partnership combines Apiiro’s deep code analysis and risk context with Secure Code Warrior’s agile learning catalog…

Read more →

CyberSaint announced the company has raised $21 million in Series A funding led by Riverside Acceleration Capital (RAC). Additional participating investors include Sage Hill Investors, Audeo Capital, and BlueIO. The funding will build on customer momentum, accelerate market expansion, and…

Read more →

Portnox introduced its Conditional Access for Applications solution. Available as part of the Portnox Cloud platform, Conditional Access for Applications delivers easy-to-implement passwordless authentication, endpoint risk posture assessment, and automated endpoint remediation for organizations seeking to harden their application security…

Read more →

Venafi introduced SPIFFE (Secure Production Identity Framework For Everyone) support for Venafi Firefly, Venafi’s lightweight workload identity issuer designed to support modern, highly distributed cloud native workloads. As workload identity plays an increasingly fundamental role in cloud native architectures, today’s…

Read more →

An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. Malware tactics and techniques The analyzed malware samples were most…

Read more →

ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the attackers spreading Rescoms…

Read more →

Nirmata announced new features for its flagship product, Nirmata Policy Manager. With today’s increasing cloud security threats, detecting intrusions is no longer enough – the damage may already be done. That’s why Nirmata has developed Nirmata Policy Manager to proactively…

Read more →

As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure is red teaming: the…

Read more →

Even with the best-of-the-best tools and tech stack monitoring vulnerabilities, every security executive and GRC leader should still have some layer of paranoia. If they don’t, that’s a huge issue. In this Help Net Security video, Shrav Mehta, CEO at…

Read more →

Data loss is a problem stemming from the interaction between humans and machines, and ‘careless users’ are much more likely to cause those incidents than compromised or misconfigured systems, according to Proofpoint. While organizations are investing in ​Data Loss Prevention…

Read more →

A total of 29% of web attacks targeted APIs over 12 months (January through December 2023), indicating that APIs are a focus area for cybercriminals, according to Akamai. API integration amplifies risk exposure for enterprises APIs are at the heart…

Read more →

Appdome has unveiled its new Social Engineering Prevention service on the Appdome platform. The new service enables mobile brands to continuously detect, block and intervene the moment social engineering attacks attempt to exploit user trust or manipulate user behavior. The…

Read more →

Kasada released a bot detection API with out-of-the-box integrations for Content Delivery Network (CDN) edge computing platforms. Security teams can use the new integrations to quickly block abuse and online fraud without sacrificing user experience or data privacy. Threat actors…

Read more →

Tufin released of Tufin Orchestration Suite (TOS) version R24-1. The latest additions to Tufin’s solution enhance customers’ ability to manage cloud security controls from a centralized interface, making security policy management more effective. With TOS R24-1, Tufin enables complete visibility…

Read more →

CalypsoAI has launched the CalypsoAI Platform, a SaaS-based security and enablement solution for generative AI applications within the enterprise. With the new model-agnostic SaaS platform, technology, innovation, and security leaders can harness the power of generative AI and large language…

Read more →

Ordr has launched its new OrdrAI CAASM+ (Cyber Asset Attack Surface Management) product, built on top of the OrdrAI Asset Intelligence Platform. For years, Ordr has been solving asset visibility and security challenges in the world’s most demanding environments, including…

Read more →

Synopsys released Synopsys fAST Dynamic, a new dynamic application security testing (DAST) offering on the Synopsys Polaris Software Integrity Platform. fAST Dynamic enables development, security, and DevOps teams to find and fix security vulnerabilities in modern web applications without impeding…

Read more →

eSentire launched its first standalone cybersecurity product, eSentire Threat Intelligence, extending eSentire’s protection and automated blocking capability across firewalls, threat intelligence platforms, email services and endpoint agents. eSentire Threat Intelligence provides mid-market and enterprise organizations with a simple API gateway…

Read more →

Drata has unveiled a new offering, Adaptive Automation. Augmenting the scope of continuous control monitoring and evidence collection, Adaptive Automation empowers GRC professionals to save time and automate even more of their compliance program through customized tests within Drata’s platform,…

Read more →