In this episode of "APAC Insights," Sujit Christy, president of ISACA's Colombo chapter, discusses the growing need for organizations to focus on cyber supply chain security, including third-party and fourth-party suppliers, which can create significant vulnerabilities.
AI-assisted coding tools can speed up code production but often replicate existing vulnerabilities when built on poor-quality code bases. Snyk's Randall Degges discusses why developers must prioritize code base quality to maximize the benefits and minimize the risks of using AI tools.
APIs are the connections that make digital business happen. Companies on average rely on more than 15,000 APIs, but these interfaces pose security risks. In this "Deep Dive" special report, ISMG's Anna Delaney explores how security leaders are tackling API security.
Trail of Bits' Michael Brown explores the dual challenges of applying AI and ML to cybersecurity and securing these evolving technologies themselves. He discusses the complementary nature of traditional and AI/ML-based approaches and highlights the pressing need for secure development life cycles.
The recent CrowdStrike outage has forced CISOs to rethink their approach to software updates and security practices. David Brumley, CEO of Mayhem Security, discusses why thorough code analysis, staged rollouts and stress testing are crucial for ensuring software reliability.
AI has revolutionized app development, while also introducing security challenges. Liqian Lim of Snyk discusses the importance of implementing security measures early in the development process to manage AI tool-related risks and safeguard the software development life cycle from vulnerabilities.
Federal regulators and SolarWinds are eyeing a truce weeks after a judge dismissed most claims related to misleading investors about the company's security practices and risks. SEC lawyer Christopher Bruckmann said his team "proposed specific settlement terms," but the defense is unlikely to accept.
In the modern, API-driven era — where 26 to 50 APIs power the average application — API security couldn’t be more important. Unsecured APIs make easy targets for bad actors searching for exposed application logic, resources and sensitive data.
But despite having multiple API security products in place, 92% of...
Snyk CEO Peter McKay discusses lessons from the recent CrowdStrike outage, emphasizing the importance of robust development practices, effective communication and the integration of quality and security in modern software development. He also highlights Snyk's role in advancing developer security.
A supply chain security firm led by an ex-Google Cloud engineer closed a Series C round to assist AI workloads and expand its open-source software catalog. Chainguard raised $140 million just eight months after completing a $61 million Series B funding round, tripling its valuation to $1.12 billion.
A judge Thursday dismissed most of the claims federal regulators made against SolarWinds related to allegedly misleading investors about the company's cybersecurity practices and risks. The SEC can proceed only with claims related to the security statement issued by SolarWinds before the 2020 hack.
Multiple threat actors began exploiting a critical vulnerability in PHP within a day of its public disclosure last month and are moving quickly to infect systems with malware, according to a report by the Akamai Security Intelligence Response Team. Administrators are advised to patch immediately.
The U.S. Department of Health and Human Services has hit a Pennsylvania-based healthcare system with a $950,000 settlement for potential HIPAA violations found during an investigation into a 2017 ransomware attack involving NotPetya. It's HHS' third enforcement action in a ransomware case.
Developers are using more and more open-source code because they "want to move fast," said Cycode's Lotem Guy. But the speed of development and the continuous deployment that follows means security teams have to catch up to the fast-moving development life cycle.
Synopsys' Software Integrity Group will become a standalone company under Francisco Partners and Clearlake once the $2.1 billion transaction closes. General Manager Jason Schmitt explains the significance of the acquisition, the carve-out process and future growth strategies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.