Test, test, test: Red team, automate regression tests, use strict change controls. And if you must do mass surveillance, make sure it’s protected
Here's how to improve the maturity of your application security program, and expand your efforts throughout the company.
How closely do you audit your partners’ API use? Are you checking passwords against lists of compromised credentials?
Application security debt occurs any time your company discovers vulnerabilities that go unfixed. Here's how to stay on top of it.
With the pandemic forcing staff to work from home seemingly overnight, security teams need to catch up in a hurry. Here are best practices.
If you can't bring your own encryption to the cloud, at least bring your own keys. Here's what your team needs to know about the choices.
Are you checking credentials against lists of common passwords and compromised accounts?
Understanding the differences between data-protection technologies is critical. Here's what you need to know.
Most businesses have no idea how to fight them. Here's what you need to know about thwarting deepfakes.
I can’t put it better than exabrial, who sums up with this call to action to remove it: "It's not better than nothing, it's worse than nothing."