Empowering the Shift: From Integration to Innovation in Application Security
Last month, we explored how organizations can reclaim control over their Application Security (AppSec). Building on that discussion, we now delve deeper into the transformative steps necessary for security decision-makers to redefine and strengthen control, aiming to foster an environment of proactive engagement and innovation. Architecting the blueprint: In the previous post, we showed […]
It is Time to Reclaim Control (and Responsibility) Over Your Application Security
In recent years, the cybersecurity industry has embraced a “shift left” approach, advocating for security considerations to be integrated earlier in the software development lifecycle. This strategy, born from a desire to prevent security issues before they arise, encourages embedding security checks within the development phase, even as far as the Integrated Development Environment (IDE), […]
From Risk to Resolution: OX Security’s Integrations with KEV and EPSS Drive Smarter Vulnerability Prioritization
In June 2023, a critical vulnerability (CVE-2023-34362) in the MOVEit Transfer file transfer software was exploited by adversaries, resulting in a series of high-profile data breaches. Despite the availability of patches, and the vulnerability being publicly known and actively exploited, many organizations failed to prioritize its remediation. This lapse allowed attackers to gain unauthorized access […]
Code’s Covert Threat: Unveiling Secrets and Personally Identifiable Information (PII)
“I fail to comprehend the rationale behind labeling them as secrets when, time and again, my developers persist in embedding them openly in the code,” remarked the CISO upon learning about yet another undisclosed secret integrated by the development team into an internet-exposed application, complete with admin permissions, no less. Does this sound familiar to […]
Prepare Your Response Plan for the Upcoming libcurl Security Alert
“On October 11, we will ship #curl 8.4.0, cutting the release cycle short due to the discovery of a severity HIGH security issue. Buckle up. This is probably the worst security problem found in curl in a long time,” said Daniel Stenberg on LinkedIn and X (formerly Twitter). Why should you care? libcurl and […]
Streamline open-source security issues by consolidating
TLDR: Watch the YouTube video. Find the root cause and fix it by consolidating your open-source security issues. Open-source packages have revolutionized the world of software development, empowering organizations to leverage pre-existing components, accelerate development cycles, and foster collaboration within the developer community. These packages provide a wealth of functionality and flexibility, reducing development time […]