featureThe CSO guide to top security conferencesTracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.By CSO Staff30 Aug 20248 minsTechnology IndustryIT SkillsEvents feature What is OWASP? A standard bearer for better web application securityBy Linda Rosencrance28 Aug 20248 minsInternet SecurityIT SkillsApplication Securityopinion Bug bounty programs take root in Russia — with possible far-reaching implicationsBy Sarah Wiedemar27 Aug 20247 minsTechnology IndustryApplication Security newsBlack Hat: Latest news and insightsBy CSO Staff 08 Aug 20244 minsAdvanced Persistent ThreatsWindows SecurityThreat and Vulnerability Management feature6 hot cybersecurity trends — and 2 going coldBy Neal Weinberg 06 Aug 202411 minsPasswordsRansomwarePhishing featureWhat is identity fabric immunity? Abstracting identity for better securityBy Matthew Tyson 03 Apr 202411 minsCSO and CISOApplication SecurityIdentity and Access Management news analysisSoftware supply chain attack impacts repo of large Discord bot communityBy Lucian Constantin 27 Mar 20246 minsDevSecOpsMalwareSupply Chain featureTeams, Slack, and GitHub, oh my! – How collaborative tools can create a security nightmareBy Susan Bradley 19 Mar 20247 minsWindows SecurityApplication SecurityCloud Security news analysisNew Kubernetes vulnerability allows privilege escalation in WindowsBy Lucian Constantin 13 Mar 20246 minsDevSecOpsApplication SecurityVulnerabilities ArticlesnewsTool sprawl is hurting application security, US CSOs saySecurity teams are managing many independent security tools and are able to fully review only half of major code changes, a new survey has found.By Shweta Sharma 13 Feb 2024 5 minsApplication SecurityfeatureHow to strengthen your Kubernetes defensesKubernetes-focused attacks are on the rise. Here is an overview of the current threats and best practices for securing your clusters.By David Strom 13 Feb 2024 8 minsDevSecOpsApplication SecurityIdentity and Access Managementnews analysisDeprecated npm packages that appear active present open-source riskA significant percentage of the 50,000 most-downloaded npm packages are deprecated or have a deprecated dependency but provide no warning.By Lucian Constantin 19 Jan 2024 5 minsDevSecOpsApplication SecurityOpen SourcefeatureThe OWASP AI Exchange: an open-source cybersecurity guide to AI componentsThis open-source collaborative effort to share global AI security standards, regulations, and knowledge aims to mitigate risk and boost AI cybersecurity for all.By Chris Hughes 16 Jan 2024 9 minsDevSecOpsApplication SecuritySecurity PracticesfeatureUnderstanding the NSA’s latest guidance on managing OSS and SBOMsOpen-source software is ever vulnerable to malicious actors, but software bills of material can help mitigate the threat. NSA guidance sets a solid foundation for managing the ecosystem.By Chris Hughes 25 Dec 2023 9 minsApplication SecurityOpen SourceSecurity Practicesnews analysisAtlassian patches critical remote code execution vulnerabilities in multiple productsThe company also releases advisories for high-severity data leaks and denial-of-service issues across multiple products, including Jira and Confluence.By Lucian Constantin 12 Dec 2023 6 minsDDoSApplication SecurityVulnerabilitiesnewsSnyk unveils new ASPM offering to help DevSecOps manage cloud application risksSnyk AppRisk provides an ASPM workbench for the developers and security teams to discover assets, and analyze business and security context to quantify risks.By Shweta Sharma 12 Dec 2023 3 minsApplication SecurityfeatureAccenture takes an industrialized approach to safeguarding its cloud controlsSecurity was once a hindrance for Accenture developers. But since centralizing the company's compliance controls, the process has never been simpler.By Aimee Chanthadavong 11 Dec 2023 8 minsApplication SecurityCloud SecurityCompliancenewsGoogle expands minimum security guidelines for third-party vendorsGoogle's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features.By John P. Mello Jr. 08 Dec 2023 4 minsApplication SecuritySupply ChainnewsBSIMM 14 finds rapid growth in automated security technologyEmbrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing.By John P. Mello Jr. 06 Dec 2023 4 minsApplication SecurityNetwork SecurityfeatureWhat should be in a company-wide policy on low-code/no-code developmentLow-code/no-code development could bridge the gulf of development backlogs that exists between great ideas and great execution of digital innovation. But not without security policies around areas like access control, code quality, and application visibility.By Ericka Chickowski 06 Dec 2023 15 minsApplication SecuritySecurity PracticesnewsMicrosoft pledges cybersecurity overhaul to protect products and servicesMicrosoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats.By Michael Hill 02 Nov 2023 9 minsInternet SecurityApplication SecurityNetwork Security Show more Show less View all Resources whitepaper Best Practices in Cybersecurity and Cyber Resilience In today’s digital world, consumers and employees expect organizations of all types and sizes to operate without interruption. In fact, contractual obligations and service level agreements demand it. The post Best Practices in Cybersecurity and Cyber Resilience appeared first on Whitepaper Repository –. By Cohesity Inc. 26 Aug 2024Business OperationsCybercrimeData and Information Security whitepaper Cyber resilience in the ransomware era By Cohesity Inc. 26 Aug 2024Business OperationsCybercrimeSecurity whitepaper Unlock the power of AI and ML for data protection By Cohesity Inc. 26 Aug 2024Artificial IntelligenceBusiness OperationsMachine Learning View all Video on demand videoWhat’s ahead for cybersecurity in 2019: TECH(talk)J.M. Porup, senior writer at CSO online, joins Juliet on this week’s episode of TECH(talk) to discuss trends in ransomware, IoT security and enterprise cybersecurity roles. 01 Feb 2019 25 minsRansomwareTechnology IndustryCyberattacks 6 security reasons to upgrade to Windows 10 25 Jul 2018 1 minsApplication SecurityPrivacyWindows Don’t ignore application security | Salted Hash Ep 35 23 Jul 2018 18 minsApplication SecurityVulnerabilitiesSecurity The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34 03 Jul 2018 16 minsData BreachApplication SecurityCybercrime See all videos Explore a topic Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos feature How to ensure cybersecurity strategies align with the company’s risk tolerance By Rosalyn Page 03 Sep 202410 mins CSO and CISORisk Management news North Korean hackers actively exploited a critical Chromium zero-day By Shweta Sharma 02 Sep 20243 mins Zero-day vulnerability feature Ransomware recovery: 8 steps to successfully restore from backup By Maria Korolov 02 Sep 202417 mins RansomwareMalwareBackup and Recovery podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins RansomwareZero TrustCloud Security video CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO video Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience 10 Jul 202424 mins CSO and CISO