Author: Boaz Barzel

It is Time to Reclaim Control (and Responsibility) Over Your Application Security

shift left

In recent years, the cybersecurity industry has embraced a “shift left” approach, advocating for security considerations to be integrated earlier in the software development lifecycle. This strategy, born from a desire to prevent security issues before they arise, encourages embedding security checks within the development phase, even as far as the Integrated Development Environment (IDE), […]

From Risk to Resolution: OX Security’s Integrations with KEV and EPSS Drive Smarter Vulnerability Prioritization

From Risk to Resolution: OX Security’s Integrations with KEVs and EPSS Drive Smarter Vulnerability Prioritization

In June 2023, a critical vulnerability (CVE-2023-34362) in the MOVEit Transfer file transfer software was exploited by adversaries, resulting in a series of high-profile data breaches. Despite the availability of patches, and the vulnerability being publicly known and actively exploited, many organizations failed to prioritize its remediation. This lapse allowed attackers to gain unauthorized access […]

Code’s Covert Threat: Unveiling Secrets and Personally Identifiable Information (PII)

Secrets Blog Featured Image

“I fail to comprehend the rationale behind labeling them as secrets when, time and again, my developers persist in embedding them openly in the code,” remarked the CISO upon learning about yet another undisclosed secret integrated by the development team into an internet-exposed application, complete with admin permissions, no less. Does this sound familiar to […]

Prepare Your Response Plan for the Upcoming libcurl Security Alert

1200x628 (23)

“On October 11, we will ship #curl 8.4.0, cutting the release cycle short due to the discovery of a severity HIGH security issue. Buckle up. This is probably the worst security problem found in curl in a long time.” Said Daniel Stenberg on LinkedIn and X (formerly Twitter)   Why should you care? libcurl and […]

Streamline open-source security issues by consolidating

Frame 2 (1)

TLDR: Watch the YouTube video Find the root cause and fix it by consolidating your open-source security issues Open-source packages have revolutionized the world of software development, empowering organizations to leverage pre-existing components, accelerate development cycles, and foster collaboration within the developer community. These packages provide a wealth of functionality and flexibility, reducing development time […]