Data Safety and Information Security

We can't have broad adoption of verifiable credentials until we find a way to scale their presentation by providing tooling that credential verifiers can use to reduce their risk and gain confidence in the facts presented to them.

Incorporating game-like elements can encourage developers to not only prioritize security, but do so in an engaging and rewarding way.

An application delivery platform that includes built-in security capabilities such as WAF, bot and API protection adds critical layers of defense.

In this post, we will dive into the exploit development process for the three modules we created in honor of the 30th anniversary of the Morris worm.

The most important lesson to figure out is why it is taking so long to restore services. That will tell us how to prevent such a calamity in other vital national institutions.

COMMISSIONED: Edge security is a growing headache. The attack surface is expanding as more operational functions migrate out of centralized locations and

Explore Zone One, the crucial starting point for bolstering your online privacy and security. Discover essential steps to safeguard your digital life, from password management to minimizing your digital footprint. Take control of your online presence and learn how to protect your personal information effectively.

Ransomware that's aimed at backup infrastructure can put critical backup repositories at risk as well as expose a treasure trove of corporate data.

UEFIs booting Windows and Linux devices can be hacked by malicious logo images.

QR codes can be convenient—but they can also be exploited by malicious actors. Here’s how to protect yourself.

A new report estimates that 73% of all internet traffic currently (Q3, 2023) comprises bad bots and related fraud farm traffic.

New mutual authentication approach for Kubernetes workloads suffers from eventual consistency, which can produce security vulnerabilities.

An in-depth explanation on Verifiable Credentials from identity first principles, and how and why we think they will happen

Protecting your user's personal medical information is vital in healthcare apps. Here's how to make sure you're doing everything to keep that data safe -

LitterDrifter's means of self-propagation are simple. So why is it spreading so widely?

Database reconstruction allows an attacker to recover raw data from reported statistics. US Census data prior to 2020 was vulnerable to reconstruction attacks.

Though the name sounds secure, API keys do not offer robust security. Sensitive data requires a more fortified form of protection, such as tokens.

APIs are designed to connect and share data with other applications – and it can be easy to underestimate just how exposed that data is.

With the growing adoption of cloud-based tools, it’s important for companies to adapt. A new approach to access governance is necessary.

A look at what is lacking as eBPF for Kubernetes security continues to evolve as a work in progress.

Why a holistic approach to securing CI/CD pipelines is essential, plus practical steps to help fortify your pipeline against potential threats.

The latest IIW was great with many high intensity discussions of identity by people from across the globe.

Learn how SOAR, a collection of orchestration, automation and response technologies, helps organizations analyze, respond to and mitigate threats.

Learn how container runtimes work, why tightly coupled runtimes can lead to host takeover if an attacker escapes a container, and the benefits of secure container runtimes like gVisor and Kata Containers.

This recent costly incident illustrates the need to take extra efforts to up our security game to avoid being the next devastating headline.

Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number…