featureThe CSO guide to top security conferencesTracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.By CSO Staff01 Apr 202417 minsTechnology IndustryIT SkillsEvents news analysis Software supply chain attack impacts repo of large Discord bot communityBy Lucian Constantin27 Mar 20246 minsDevSecOpsMalwareSupply Chainfeature Teams, Slack, and GitHub, oh my! – How collaborative tools can create a security nightmareBy Susan Bradley19 Mar 20247 minsWindows SecurityApplication SecurityCloud Security news analysisNew Kubernetes vulnerability allows privilege escalation in WindowsBy Lucian Constantin 13 Mar 20246 minsDevSecOpsApplication SecurityVulnerabilities newsTool sprawl is hurting application security, US CSOs sayBy Shweta Sharma 13 Feb 20245 minsApplication Security featureHow to strengthen your Kubernetes defensesBy David Strom 13 Feb 20248 minsDevSecOpsApplication SecurityIdentity and Access Management news analysisDeprecated npm packages that appear active present open-source riskBy Lucian Constantin 19 Jan 20245 minsDevSecOpsApplication SecurityOpen Source featureThe OWASP AI Exchange: an open-source cybersecurity guide to AI componentsBy Chris Hughes 16 Jan 20249 minsDevSecOpsApplication SecuritySecurity Practices featureUnderstanding the NSA’s latest guidance on managing OSS and SBOMsBy Chris Hughes 25 Dec 20239 minsApplication SecurityOpen SourceSecurity Practices Articlesnews analysisAtlassian patches critical remote code execution vulnerabilities in multiple productsThe company also releases advisories for high-severity data leaks and denial-of-service issues across multiple products, including Jira and Confluence.By Lucian Constantin 12 Dec 2023 6 minsDDoSApplication SecurityVulnerabilitiesnewsSnyk unveils new ASPM offering to help DevSecOps manage cloud application risksSnyk AppRisk provides an ASPM workbench for the developers and security teams to discover assets, and analyze business and security context to quantify risks.By Shweta Sharma 12 Dec 2023 3 minsApplication SecurityfeatureAccenture takes an industrialized approach to safeguarding its cloud controlsSecurity was once a hindrance for Accenture developers. But since centralizing the company's compliance controls, the process has never been simpler.By Aimee Chanthadavong 11 Dec 2023 8 minsApplication SecurityCloud SecurityCompliancenewsGoogle expands minimum security guidelines for third-party vendorsGoogle's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features.By John Mello Jr. 08 Dec 2023 4 minsApplication SecuritySupply ChainnewsBSIMM 14 finds rapid growth in automated security technologyEmbrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing.By John Mello Jr. 06 Dec 2023 4 minsApplication SecurityNetwork SecurityfeatureWhat should be in a company-wide policy on low-code/no-code developmentLow-code/no-code development could bridge the gulf of development backlogs that exists between great ideas and great execution of digital innovation. But not without security policies around areas like access control, code quality, and application visibility.By Ericka Chickowski 06 Dec 2023 15 minsApplication SecuritySecurity PracticesnewsMicrosoft pledges cybersecurity overhaul to protect products and servicesMicrosoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats.By Michael Hill 02 Nov 2023 9 minsInternet SecurityApplication SecurityNetwork SecuritynewsBackSlash’s new ASPM combines existing AppSec with context-based risk prioritizationThe new platform is designed to drastically reduce alert noise and allow security teams to focus on genuine threats.By Shweta Sharma 01 Nov 2023 3 minsApplication SecuritynewsFailure to verify OAuth tokens enables account takeover on websitesReport shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information.By Lucian Constantin 27 Oct 2023 7 minsAuthenticationApplication SecuritySecurity Practicesfeature6 most common types of software supply chain attacks explainedNot all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties.By Ax Sharma 25 Oct 2023 15 minsCyberattacksSupply ChainApplication SecurityfeatureStopping the two-factor threat: configuring Microsoft Entra ID to prevent authentication breachesBad actors that have breached a system can adding fake devices to bypass multifactor authentication – here’s how to stop themBy Susan Bradley 17 Oct 2023 6 minsMulti-factor AuthenticationAuthenticationMobile SecuritynewsFIDO Alliance certifies security of edge nodes, IoT devices Certification demonstrates that products are at low risk of cyberthreats and will interoperate securely.By Michael Hill 27 Sep 2023 3 minsCertificationsInternet SecuritySecurity Hardware Show more Show less View all Resources whitepaper Data Protection in a Multicloud World Data protection challenges resulting in disruption are on the rise with public clouds and cyberattacks the leading areas of concern. Organizations that continue to modernize data protection can minimize risk and raise confidence levels The post Data Protection in a Multicloud World appeared first on Whitepaper Repository –. By Dell Technologies 18 May 2023Cloud SecurityData and Information SecurityMulti Cloud whitepaper Top reasons why customers choose Dell VxRail By Dell Technologies 18 May 2023Infrastructure ManagementIT ManagementSystem Management whitepaper The Long Road Ahead to Ransomware Preparedness By Dell Technologies 17 May 2023Cloud SecurityRansomwareSecurity View all Podcasts podcastsCSO Executive Sessions / ASEANIn this weekly series, host Xiou Ann Lim, Editor for CSO ASEAN at Foundry, interviews top chief information security officers throughout the ASEAN region to discuss current security threats, critical IT projects, security skills and careers, and much more.0 episodeApplication Security Ep. 57 CSO Executive Sessions: 2024 International Women's Day special 13 Mar 202410 mins CSO and CISO Ep. 56 CSO Executive Sessions: Former convicted hacker Hieu Minh Ngo on blindspots in data protection 20 Feb 202421 mins CSO and CISO Video on demand videoCSO Executive Sessions with Mohammad Firdaus Juhari, Head of Digital Security, edotco GroupMohammad Firdaus Juhari, Head of Digital Security at edotco Group, joins host Xiou Ann Lim, Editor for CSO ASEAN, for this CSO Executive Sessions interview. 23 May 2023 18 minsApplication Security What’s ahead for cybersecurity in 2019: TECH(talk) 01 Feb 2019 25 minsRansomwareTechnology IndustryCyberattacks 6 security reasons to upgrade to Windows 10 25 Jul 2018 1 minsApplication SecurityPrivacyWindows Don’t ignore application security | Salted Hash Ep 35 23 Jul 2018 18 minsApplication SecurityVulnerabilitiesSecurity See all videos Explore a topic Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos news AT&T suffers critical breach impacting 73 million customers By Shweta Sharma 01 Apr 20244 mins Data Breach feature Recruit for diversity: Practical ways to remove bias from the hiring process By Aimee Chanthadavong 01 Apr 20248 mins Careers news Top cybersecurity product news of the week By CSO staff 29 Mar 202470 mins Generative AISecurity podcast CSO Executive Sessions: 2024 International Women's Day special 13 Mar 202410 mins CSO and CISO podcast CSO Executive Sessions: Former convicted hacker Hieu Minh Ngo on blindspots in data protection 20 Feb 202421 mins CSO and CISO podcast CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison 20 Nov 202315 mins CSO and CISO video CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care 01 Apr 202416 mins CSO and CISO video CSO Executive Sessions: 2024 International Women's Day special 13 Mar 202410 mins CSO and CISO video LockBit feud with law enforcement feels like a TV drama 05 Mar 202456 mins RansomwareArtificial Intelligence