communicating with customers about a security breach

Communicating with Customers in the Event of a Breach

Thursday, October 15, 2020

There are three phases of defending against cyber attacks: putting in place sufficient protections and robust authentication mechanisms to try and prevent attacks; appropriately defending against an active attack once it is discovered, and communicating accurately and effectively to customers and shareholders: What happened Why it happened What it means Let’s examine a major retailer’s …

principle of least privilege

Putting the Principle of Least Privilege to Work for Web Apps

Thursday, September 24, 2020

With an ever-increasing proportion of day-to-day work on the desktop occurring in the form of web-based applications, organizations need to rethink how those applications work. They also need to examine – and in some cases tighten up – how web-based apps (or rather, the processes within which they operate) make use of privileges and access …

web app security

The Cyberthief’s New Best Friend: Web Apps

Thursday, September 03, 2020

Web apps are now one of the top favorites—if not the absolute favorite—means of attack by cyberthieves, based on the latest Verizon Data Breach Investigations Report, which examined 41,686 security incidents, including 2,013 confirmed data breaches. The data came from 73 sources of data accessed by the carrier, only seven of which were internal to …

SAST and SCA

SAST and SCA: Putting the Puzzle Together

Thursday, August 27, 2020

Developing correct and secure software isn’t easy. A typical application includes a large amount of original and third-party code, and it all has to work together without opening up security holes. Any change to existing code, whether it’s a simple refactoring or the addition of a major feature, could create a new risk. Checking the …

Kiuwan cybersecurity tool

Cybersecurity: How Safe are Voice Assistants?

Thursday, June 04, 2020

This new age in Artificial Intelligence is fascinating- and terrifying too. From ubiquitous digital assistants like Siri and Alexa to usage on factory floors, the impact of AI is by all means dizzying. Your cell phone mostly features a voice assistant. At best, Apple’s Siri- for instance- may seem like a “naïve” helper that can check weather …

New Release!

Kiuwan Release Announcement – May 12, 2020

Thursday, May 21, 2020

We are pleased to announce that on May 12, 2020 we rolled out a new Kiuwan release! We have made some changes in the way Kiuwan handles delivery analyses, we have added some REST API enhancements, and rolled out all of the latest changes to Kiuwan On-Premises. Read more details about this Kiuwan release below. …

Cross Site Scripting

Is Cross-Site Scripting Still a Thing?

Monday, April 27, 2020

Though cross-site scripting — often abbreviated XSS — has been around since the start of this century, it remains a pressing security concern on today’s web. First introduced by Microsoft engineers in January 2000, XSS seeks to bamboozle protections and permissions granted to one URL through its access by introducing scripts, programs and other active content …