Security

A GRC framework for securing generative AI

How can enterprises secure and manage the expanding ecosystem of AI applications that touch sensitive business data? Start with a governance framework.

By Trevor Welsh

Nov 19, 202411 mins

Generative AIData GovernanceApplication Security

Java proposals would boost resistance to quantum computing attacks

By Paul Krill

Nov 08, 20242 mins

JavaQuantum ComputingApplication Security

‘Package confusion’ attack against NPM used to trick developers into downloading malware

By John E. Dunn

Nov 06, 20244 mins

VulnerabilitiesOpen SourceSecurity

Articles

Security takes a front seat

Threats that have always existed but are now amped up by generative AI are making enterprise leadership take notice and open the purse strings.

By Matt Asay

Aug 19, 2024 4 mins

Technology IndustryApplication SecurityCloud Security

Red-teaming AI with PyRIT

Microsoft has open sourced a key piece of its AI security, offering a toolkit that links data sets to targets and scores results, in the cloud or with small language models.

By Simon Bisson

Aug 15, 2024 7 mins

Microsoft AzureGenerative AIApplication Security

Focusing open source on security, not ideology

In today’s world where everything gets hacked, conversations about security are what’s truly important, especially to attract younger developers to open source.

By Matt Asay

Jul 22, 2024 4 mins

Cloud SecurityOpen SourceSecurity Practices

How evolving AI regulations impact cybersecurity

Getting in front of AI risks includes understanding evolving regulations. Here’s what that means for cybersecurity leaders.

By Ram Movva and Aviral Verma

Jul 02, 2024 8 mins

Generative AIData GovernanceApplication Security

7 application security startups at RSAC 2024

VC-backed up-and-comers zero in on devsecops, the software supply chain, and securing the software development life cycle.

By Victor Garza

May 14, 2024 6 mins

Application SecurityDevopsSecurity

Understanding Microsoft’s Trusted Signing service

A new managed signing service on Azure offers low-cost, low-touch code signing with integration into GitHub Actions.

By Simon Bisson

May 02, 2024 8 mins

Microsoft AzureApplication SecurityCloud Computing

Java services hit hardest by third-party vulnerabilities, report says

State of DevSecOps report finds 90% of Java services susceptible to vulnerabilities in third-party libraries.

By Paul Krill

Apr 18, 2024 2 mins

JavaJavaScriptPython

Rust gets security fix for Windows vulnerability

Rust 1.77.2 point release addresses a critical vulnerability affecting Windows deployments.

By Paul Krill

Apr 12, 2024 2 mins

RustSecuritySoftware Development

Rust memory safety explained

What makes the Rust language one of the best for writing fast, memory-safe applications? Rust's memory-safety features are baked into the language itself.

By Serdar Yegulalp

Apr 03, 2024 7 mins

C++RustProgramming Languages

Java 22 brings security enhancements

JDK 22 adds 10 new root CA certificates, a new asymmetric key interface, and a -XshowSettings option for displaying security settings.

By Paul Krill

Mar 22, 2024 3 mins

JavaProgramming LanguagesSecurity

The future of cloud security: Top trends to watch in 2024

In 2024, CISOs evaluating their cloud security strategies must prioritize an end-to-end solution capable of delivering proactive protections from code to cloud.

Mar 14, 2024 7 mins

Security