Category: Security Boulevard

Creators, Authors and Presenters: Norman Sadeh And Lorrie Cranor, Carnegie Mellon University Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX 2025: PEPR ’25 – UsersFirst:…

Read more →

Learn everything about Risk-Based Authentication (RBA): its benefits, implementation, and future trends. Enhance your application security with this comprehensive guide. The post Complete Guide to Understanding Risk-Based Authentication appeared first on Security Boulevard. This article has been indexed from Security…

Read more →

Why Are Non-Human Identities Crucial in Cybersecurity? How often do we consider machine identities when contemplating cybersecurity measures? It’s clear that non-human identities (NHIs) are essential players in maintaining robust security frameworks. These identities, often overlooked, are vital in fortifying…

Read more →

Are You Prepared for the Next Cybersecurity Threat? Where cyber threats evolve faster than yesterday’s news, staying ahead requires a multi-faceted approach. One significant area of focus is the management of Non-Human Identities (NHIs), crucial components. But what precisely makes…

Read more →

Creators, Authors and Presenters: Katharina Koerner, Trace3; Nandita Rao Narla, DoorDash Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink The post USENIX 2025: Using Privacy Infrastructure To Kickstart…

Read more →

China’s Belt and Road Initiative (BRI) is well known for funding major infrastructure projects, including new highways, ports and energy plants across more than 150 countries. However, China has also gained a serious foothold when it comes to surveillance infrastructure.…

Read more →

Craig Adams, chief product officer at Rapid7, discusses the growing complexity of security operations and how organizations can better align tools, teams and processes. Adams, a longtime technology leader, notes that one of the biggest pain points he hears from…

Read more →

Idan Dardikman, co-founder and CTO of Koi Security, discusses the company’s emergence from stealth and its mission to address one of cybersecurity’s most persistent challenges: securing identity. Dardikman explains that while the industry has poured resources into endpoint, network, and…

Read more →

CISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack — patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach,…

Read more →

The call came from a Fortune 20 customer yesterday morning. “Hey, Vinay, we’re getting flooded with noise about these two new Cisco ASA/FTD vulnerabilities that CISA posted the emergency advisory on. We are seeing a ton of inconsistent information, would…

Read more →

Craig Adams, chief product officer at Rapid7, discusses the growing complexity of security operations and how organizations can better align tools, teams and processes. Adams, a longtime technology leader, notes that one of the biggest pain points he hears from…

Read more →

Salesforce is facing a possible class action lawsuit from almost two dozen plaintiffs who say the SaaS giant should have had better security around its platform, even though a spate of high-profile data-stealing attacks on third-party partners did not start…

Read more →

Alan examines why the software supply chain has become the new perimeter in cloud-native security. From SBOMs to SLSA and Sigstore, discover how leaders can defend against attacks that target dependencies, pipelines and trusted updates. The post The New Perimeter…

Read more →

Network security has become a top priority for modern businesses, particularly those entrusted with sensitive financial and personal data. Moreover, Gartner projects a 15% increase in global cybersecurity spending, with a significant focus on security services, software, and strengthening network…

Read more →

Remote access is essential for modern enterprises. IT administrators, DevOps teams, and vendors need to connect to critical infrastructure using Remote Desktop Protocol (RDP) or Secure Shell (SSH). But many organizations still allow these sessions without enforcing a critical security…

Read more →

Cisco published advisories and a supplemental post about three zero-day vulnerabilities, two of which were exploited in the wild by an advanced threat actor associated with the ArcaneDoor campaign.  Update September 25: This FAQ blog has been updated to include…

Read more →

Shadow AI isn’t a fringe behavior; it’s the norm. My team recently analyzed AI usage patterns across multiple industries and found signs of unapproved AI activity in more than 80% of the 100+ customer organizations sampled. Whether it’s sales teams…

Read more →

A popular MCP server in the NPM repository that was being downloaded 1,500 times a week suddenly began quietly copying emails and sending them to a C2 server after the developer inserted a line of code. Koi Security researchers said…

Read more →

Secure your CI/CD pipelines with SonarQube Cloud’s Scoped Organization Tokens (SOT). A resilient, user-decoupled way to manage authentication and prevent broken builds. The post Introducing Scoped Organization Tokens for SonarQube Cloud appeared first on Security Boulevard. This article has been…

Read more →

The rise of open source software during the AI boom presents a dual outlook of unprecedented opportunities and risks. Governance gaps, security vulnerabilities, and compliance challenges can ripple across engineering teams, slowing innovation while exposing organizations to unnecessary threats. The…

Read more →