runtime security
What is DORA? | Compliance Requirements for EU DORA Regulations | Contrast Security
Cyberattacks, supply-chain issues, flooding, tsunamis, wildfires, equipment failures and even war: The financial sector has no choice but to keep operations running through all these — among other — types of disruptions, ...
Runtime Security fits fast-paced AppDev environments | Contrast Security
Are traditional AppSec tools keeping up with advances in software? That was the question The Application Security Podcast host Chris Romeo recently asked Contrast Security Co-founder and Chief Technology Officer Jeff Williams. ...
WAF cybersecurity limitations and alternatives | Contrast Security
Why WAFs leave you adrift in the treacherous waters of cybersecurity In the ever-shifting currents of the cybersecurity ocean, debates about the relevance and effectiveness of various defense mechanisms continue to surface, ...
Experts Say Cyber Attacks Are Getting Worse
A new article on WNEP is reporting on experts who claim that cyber attacks are getting worse. Not surprising at the top of the list is ransomware attacks., which have made headlines, ...
Mitre Top 25 Software Weaknesses
In addition to OWASP finally updating the Top 10 Web Application Risks, this year Mitre also updated their Top 25 Most Dangerous Software Bugs, also known as the CWE Top 25. One ...
NIST SP800-53 Revision 5, One Year Later
It will be one year since NIST released their final version of SP800-53 Revision 5 on September 23, 2020. As a quick reminder SP800-53 is the document issued by NIST that specifies ...
OWASP Working Group Releases Draft of Top 10 Web Application Risks for 2021
The Open Web Application Security Project (OWASP) has released its draft Top 10 Web Application Security Risks 2021 list with a number of changes from the 2017 list (the last time the list ...
Traditional Application Security Tools Ineffective Against New And Growing Threats
A new article in Help Net Security covers some interesting new statistics that reflect the inability of current security tools to protect organizations against attacks happening on web applications. The article shares ...
Why WAFs Don’t Work According to a Hacker
A new article in SDXcentral talks about why WAFs (Web Application Firewalls) are insufficient protection according to a hacker. The topic of WAFs isn't new to K2 and we've covered their failures ...
Why Do Developers Continue to Write Vulnerable Code?
It's been 18 years since OWASP first published their list of Top 10 Web Application Security Risks in 2003. It wouldn't be unreasonable to think it would have been possible to solve ...