It’s Hard to Spell Security with API (Translation: You Need an AppSec Strategy)

by John Verry | Mar 3, 2022 | Ethical Hacking

Reading Time: 3 minutes         The rapid growth of APIs has led to significant security risks. Unless you have been marooned on an uncharted coral atoll for the last five years, you realize that the term application programming...

Can Attack Surface Management Help with Vulnerability Assessment?

by Richard Barrus | Feb 1, 2022 | Application Security

Reading Time: 3 minutes                 It seems like every week a new vulnerability surfaces that organizations need to be concerned about, evaluate and potentially address. How can you even keep up, let alone be...

Severe Log4j 2 Vulnerability Puts Huge Swath of Enterprise and SaaS Apps at Grave Risk

by Taylor Smith | Dec 13, 2021 | Application Security

Reading Time: 2 minutes           The recent emergence of CVE-2021-44228, the so-called Log4Shell vulnerability, is a critical flaw affecting multiple versions of the ubiquitous Apache Log4j 2 Java logging framework. Attackers are...

Sharing is not always caring: Back to Work, Back to School? Protect Your Devices with These Golden Rules!

by Richard Barrus | Sep 15, 2021 | IoT Security

Reading Time: 2 minutes With summer vacation coming to an end, folks are headed back to work and school. Due to the pandemic this no longer means heading back to the office or classroom, as many continue to work and learn remotely. But wherever you are,...

The New OWASP IoT Security Verification Standard (ISVS) – What Does It Include?

by Richard Barrus | Mar 24, 2021 | IoT Security

Reading Time: 3 minutes The OWASP Foundation is a globally respected source of guidance on web application security. Many cybersecurity practitioners will be familiar with OWASP’s well-known Top 10 and Application Security Verification Standard (ASVS)...