It’s the age-old question: when does convenience undermine security? In the healthcare sector, the answer can literally spell the difference between life and death. As the Internet of Medical Things (IoMT) grows, wireless attacks abound. While not any harder to launch than against traditional IoT devices, these attacks are drastically more high-stakes and can use the Bluetooth and related...

BLE, CANBUS Enhancements, new protocols in beSTORMBeSTORM 13.2 launches a few highly requested enhancements along with several protocol additions. These additions will help expand the implementation of black box fuzzing during application development. International compliance regulations are beginning to require fuzz testing security certification within testing labs on telecommunication and...

What is Chaos Testing?Application chaos testing does its best to counteract Murphy’s Law, where anything that can go wrong will go wrong, and at the worst possible time.Chaos testing and engineering is a proactive test methodology that identifies system errors prone to misuse before they can cause damage and security concerns for an application. This style of testing was developed and made...

Learn what data governance means and why data classification is a crucial part of its success.

What Is Data ClassificationAnd What Can It Do For My Business?Data classification is an approach to identifying, protecting and managing information which has rapidly become best practice. Implemented as part of a layered security strategy, it enables an enterprise to defend itself against a variety of threats - from aggressive outsiders to untrained or well-meaning insiders - while unlocking the...

Editor’s Note: This blog post was co-authored by Clayton Barnard, Senior Director, Global Alliances at Lookout, and Corey Markell, Associate Director, Strategic Resource Group at Fortra.The first steps for any organization in creating a data security strategy are accurately identifying all of their sensitive information and securing that data from...

Black Box Fuzzers Black box fuzzers attack code vulnerabilities the same way a real-world cybercriminal would so you can find code weaknesses before they are exploited. A form of dynamic application security testing (DAST), this tool attacks from outside the application code, using a wide range of malformed or partial code data injections to find unexpected code input errors. This can uncover...

PCI-DSS has long been the standard for securing payment card-related information. Meeting this bar was the bare minimum requirement for showing that an organization had sufficient controls to keep this data secure. With changes to PCI-DSS already being released and required by 2024, organizations developing and running applications to collect or process payment card-related data need to get...

By 2024, it’s predicted there’ll be more than 400 million connected vehicles in use around the world. In Automotive Industries magazine, Aviram Jenik discusses the implications for cybersecurity and looks at how rigorous testing and standard protocols can elevate the safety of these fast-evolving vehicles. Originally published in Automotive Industries. Excerpt:“Industry regulators are meeting the...

What is Black Box Fuzzing and why do you need it?Black box fuzzers attack code vulnerabilities the same way a malicious actor would. Black box fuzzing is a type of dynamic application security testing (DAST) that uses one of the widest ranges of attacks to find unexpected code input errors. The goal is to uncover conditions that can trigger crashes or contribute to new and unknown security...

Keeping your organization protected from web application vulnerabilities doesn't have to be complicated. There are some best secure coding practices that you can follow to ensure that you're protecting your customers and preventing cyber criminals from damaging your company. ...

In the last decade, there have been 633 automotive cybersecurity incidents. Yet, this year at Black Hat, the automobile industry was able to breathe a momentary sigh of relief when a connected vehicle was presented as a hacking challenge, and no one succeeded. This stood in stark contrast to 2015 when researchers demonstrated the real danger of automotive cyber-attacks by hijacking a jeep remotely...

The COVID-19 pandemic left its indelible mark across our society. Our work, recreation, healthcare, and even grocery shopping became remote, digital, and reliant on the internet. The eruption of new apps and Internet of Things (IoT) devices proved a tempting target for cyber attackers; that brought security issues new and old to the fore.IoT Devices are EverywhereIoT device use was expanding even...

Boost Your Security Posture Without Breaking Your BudgetHeadlines scream about a new cyberattack every few days, and organizations worldwide scramble to buff their cybersecurity posture. Welcome to the era of high-stakes hacking, and high-profile breaches. No one wants to be the next big news story, but robust cybersecurity comes at a price.You can do everything with a big enough budget. But that...