Beyond Security by Fortra is aware of a recently disclosed security issue related to the open-source Apache “Log4j2” utility (CVE-2021-44228). Log4j is a logging framework found in Java software. The flaw is tied to a failure by certain features in the Java Naming and Directory Interface (JNDI) which is used in configuration, log messages and […]
CTA Type: Blog
Infographic: BEST CODING PRACTICES FOR SECURE WEB APPLICATIONS
Keeping your organization protected from web application vulnerabilities doesn’t have to be complicated. There are some best secure coding practices that you can follow to ensure that you’re protecting your customers and preventing cyber criminals from damaging your company. […]
Read More… from Infographic: BEST CODING PRACTICES FOR SECURE WEB APPLICATIONS
New Automotive Cybersecurity Standards Require SAST and DAST Solutions
In the last decade, there have been 633 automotive cybersecurity incidents. Yet, this year at Black Hat, the automobile industry was able to breathe a momentary sigh of relief when a connected vehicle was presented as a hacking challenge, and no one succeeded. This stood in stark contrast to 2015 when researchers demonstrated the real danger of automotive […]
Read More… from New Automotive Cybersecurity Standards Require SAST and DAST Solutions
IoT Security 101
The COVID-19 pandemic left its indelible mark across our society. Our work, recreation, healthcare, and even grocery shopping became remote, digital, and reliant on the internet. The eruption of new apps and Internet of Things (IoT) devices proved a tempting target for cyber attackers; that brought security issues new and old to the fore. IoT […]
beSECURE Announces Integration with Core Impact Penetration Testing Tool
Though its already known for swiftly identifying, evaluating, prioritizing, and reporting on security weaknesses, vulnerability management solution beSECURE can now streamline your security even further through a new integration with Core Security’s comprehensive penetration testing tool, Core Impact. By combining these two best-in-class tools, your organization can take its security strategy to the next level. How Do Pen Tests Enhance Vulnerability Management? Vulnerability management solutions like beSECURE are vital tools that continually scan for network and application vulnerabilities, map […]
Read More… from beSECURE Announces Integration with Core Impact Penetration Testing Tool
Agent-Based vs. Agentless Scanning: Choosing the Right Vulnerability Scanning Method
Preventable Attacks Another day, another data breach. Cybercrime is on the rise, and the only way to stop a cyberattack is to think like an attacker. In many cases, the bad actor’s first step is scanning the victim’s systems for vulnerabilities that allow them to gain a foothold. According to Forrester’s State of Application Security, 39% […]
Read More… from Agent-Based vs. Agentless Scanning: Choosing the Right Vulnerability Scanning Method
Application Security on a Shoe-String Budget
Boost Your Security Posture Without Breaking Your Budget Headlines scream about a new cyberattack every few days, and organizations worldwide scramble to buff their cybersecurity posture. Welcome to the era of high-stakes hacking, and high-profile breaches. No one wants to be the next big news story, but robust cybersecurity comes at a price. You can […]
Read More… from Application Security on a Shoe-String Budget
A Guide to the ISO/SAE 21434 Cybersecurity Standard for Road Vehicles
According to Juniper Research, 206 million vehicles will have embedded connectivity by 2025 — with 30 million vehicles utilizing 5G connectivity. The connected car now contains units for communication, in-voice assistant, geolocation sensors and cloud-platforms that connect vehicles to mobility services. To ensure that these hyper-connected vehicles remain secure, a standard known as ISO SAE […]
Read More… from A Guide to the ISO/SAE 21434 Cybersecurity Standard for Road Vehicles
The Four Essentials for Scalable Cloud Security and Compliance
In the evolution of cloud computing, at first it was just about moving some workloads to the cloud. Next, companies realized that whatever they move to the cloud needs to be secured. As time went by, it seemed that everything moved to the cloud, including data that not only had to be secured, but also […]
Read More… from The Four Essentials for Scalable Cloud Security and Compliance
SAST vs DAST: Partners or Enemies?
In our fast-paced digital world, the pressure is on to release new apps, features and enhancements as quickly and as often as possible. But how do you manage constant code changes without introducing security vulnerabilities? And how do you address the elephant in the room that comes with increased usage of cloud apps in the […]