To help organizations navigate the myriad issues and challenges that arise when embedding security into the DevOps process and provide a path to success, the Cloud Security Alliance (CSA), together with Software Assurance Forum for Excellence in Code (SAFECode), drafted a series of white papers based on six critical pillars described in CSA's Reflexive Security Framework ...
DevSecOps
API security requires a holistic approach to the design, implementation, maintenance, and lifecycle management of all things API. With API traffic making up almost 70% of all Internet traffic, APIs are a lucrative target for cybercriminals. 84% of organizations admit they don’t currently have advanced API security in their stack, so it’s unsurprising that API-related security incidents cost global businesses as much as $75 billion annually ...
The 2024 Cloud Security Report from Cybersecurity Insiders and Check Point is now available for download. The new report draws on the experience and perspective of over 800 cloud and cybersecurity professionals to provide a deep look at the current state of cloud security. We asked these industry experts to evaluate the effectiveness of their existing security measures and to report on the adoption of the latest security solutions at their companies. Taken all together, these insights provide a comprehensive view of the big opportunities and persistent challenges of cloud security ...
Managing and securing your software supply chain is vital to delivering reliable, trusted releases in today's software world. With the constant growth of open-source components, assessing your organization's ability to manage them is crucial. To help you prepare, JFrog compiled a report ...
Open source projects thrive on community contributions, but this openness can be a double-edged sword. Consistency, collaboration, and diligence are critical when prioritizing open source security. Still, questions linger about the impact of new trends and developments on OSS security best practices and the wider community ...
A surprising number of organizations aren't embracing automation when it comes to securing cloud deployments, according to the State of DevSecOps 2024 report from Datadog ...
Gartner predicts that 75% of employees will acquire, modify, or create technology outside IT's visibility by 2027. That statistic is staggering, but it's not new. Developers inherently want to use the best, most efficient tool for the task, even if it's not within the company's approved tech stack ...
Remember that troublesome Terraform misconfiguration that leaked sensitive keys? Security incidents like that are the stuff of developer nightmares. Safeguarding our Infrastructure as Code (IaC) becomes a non-negotiable part of the DevSecOps game. Policy as Code (PaC) steps in to assist us in staying ahead of the curve with the sheer volume of IaC templates, scripts, and modules. Here are five steps to securing IaC with PaC ...
The runaway train of change continues at a relentless pace in the world of IT infrastructure. As computing drives from on-premises to the cloud out to the edge, the proliferation of devices shows no sign of letting up either ... What does this mean for DevOps? ...
As companies grapple with the rapid integration of AI into web applications, questions of risk mitigation and security are top of mind. AI-infused coding and secure defaults offer the potential for improved security, but organizations are still challenged with practical steps beyond just writing intent into policies and procedures. Further, there are unique challenges with consumer-facing models that are not related to work but must still be managed as part of the growing attack surface ...
Using open source software has many benefits for organizations. It fosters transparency and innovation, provides flexibility and customization, cuts cost on development and enables collaboration among other developers. However, organizations could open themselves up to risks if the open source software isn't developed securely ...
Recently, platform engineering has become the next big thing, sparking interest in its focus on developing self-service internal developer platforms (IDPs) for streamlined software delivery and lifecycle management ... In platform engineering, the platform is supported by layered services or tools, created and maintained by a dedicated product team, designed to serve the needs of software developers by essentially stitching together components to create a frictionless developer experience ...
Today, more than 98% of websites around the world use JavaScript as their go-to client-side coding language. But this use introduces challenges — today the average web page has more than 60 third-party scripts that are unmonitored and have uncontrolled access to forms and data anywhere on the page. Here are four examples of challenges businesses are facing as a result ...
Over 80% of survey respondents indicated that a critical security issue in deployed software impacted their DevOps delivery schedule in the last year, according to the Global State of DevSecOps 2023 report from Synopsys ...
Software developers are showing an unprecedented surge of interest in generative AI, with topic engagement in GPTs — a family of artificial intelligence models — increasing 3,600% year over year, according to O'Reilly's Technology Trends for 2024 report ...