Forrester analyst Sandy Carielli highlights key API security aspects in Forrester's report titled The Eight Components of API Security," which covers governance, discovery, testing, authentication and protection from API breaches as many organizations are grappling with the maturity of these areas.
As we bid farewell to 2023, Philip Reitinger, president and CEO of the Global Cyber Alliance, reflected on the state of global cyber hygiene, shedding light on what's working, what needs improvement, and the transformative shifts necessary to achieve a cyber-secure future.
In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024. Ransomware, emerging AI technology and nation-state campaigns are among the top threats.
A recently spotted hacking group with a penchant for using open-source tools has been using a less-than-novel tactic: exploiting SQL injection flaws. So warn researchers who recently detected attacks by the group, which has the codename GambleForce and appears to focus on gambling and retail firms.
Zombie APIs are becoming more common, just because of the sheer number APIs and third-party vendors that organizations rely on. Joshua Scott, head of information security and IT at API platform Postman, says businesses need to identify "what is critical to the business and map backward."
In the latest weekly update, the former federal CISO, Grant Schneider, joins three editors at ISMG to discuss important cybersecurity issues, including advice for the next White House cyber director and liability concerns facing CISOs following SolarWinds and its CISO being accused of fraud.
The data leak and negotiation sites for the Ragnar Locker ransomware group went offline Thursday after an international law enforcement operation, backed by the FBI and police in Europe, seized its infrastructure. Whether the disruption spells the end for Ragnar Locker remains unclear.
Discover the crucial insights and predictions from experienced hackers about the intersection of Generative AI and cybersecurity, including emerging risks, vulnerabilities, and innovative approaches to safeguarding data and systems in this brave new world.
How does an organization achieve peace of mind with security while overcoming the challenges of complex hybrid and multi-cloud networks? Here are the top reasons why your organization should consider implementing a cloud-native firewall service to protect your AWS environments and applications.
APIs are susceptible to various security threats and vulnerabilities, but by adopting robust API runtime protection strategies, organizations can mitigate risks and ensure the ongoing availability, integrity and confidentiality of their APIs. Here are five reasons to provide APU runtime protection.
APIs have become increasingly popular as they are used to connect different systems, services and applications. But this makes them an attractive target for cybercriminals who want to exploits flaws and access sensitive data. Here are five critical reasons you need to conduct API security testing.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
Large enterprises may have hundreds or thousands of APIs. Concerns over API vulnerabilities have been around for years, but most organizations outside of highly regulated industries such as banking have not taken the steps to understand the threats they face, said Richard Bird, CSO at Traceable.
Various "dark" generative artificial intelligence tools purportedly help criminals more quickly amass victims. Guess what? They've all gone bust, if they weren't simply outright scams - in part because legitimate tools can be "jailbroken" to achieve similar results. What are they really achieving?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.