From prompt injections to model theft, OWASP has identified the most prevalent and impactful vulnerabilities found in AI applications based on large language models (LLMs).
10 most critical LLM vulnerabilities Read More »
The best way to recover from a ransomware attack is to have a reliable and fast backup process. Here’s how to do it.
Ransomware recovery: 8 steps to successfully restore from backup Read More »
After years of review, the National Institute of Standards and Technology has chosen three encryption algorithms as the basis for its post-quantum security strategy.
NIST finally settles on quantum-safe crypto standards Read More »
NIST standards for quantum-safe encryption are due out this summer. As quantum computing advances, enterprises need to consider their encryption infrastructure and post-quantum security strategies.
Despite being late to market, Microsoft’s secure service edge (SSE) offering has some advantages, including cost and ties to Microsoft’s identity access management services.
Microsoft Entra Suite is late to the SSE pool but will still make waves Read More »
In a somewhat chilling revelation, AI agents were able to find and exploit known vulnerabilities, but only under certain conditions, which researchers say indicates they’re not close to being a significant threat – yet.
AI agents can find and exploit known vulnerabilities, study shows Read More »
BAS products simulate attacks to test a company’s defenses against threat vectors. The following guide can help you make the right choice for your organization.
Breach and attack simulation tools: Top vendors, key features, how to choose Read More »
Organizations have started to launch AI certifications in governance and cybersecurity but given how immature the space is and how fast it’s changing, are these certifications worth pursuing?
AI governance and cybersecurity certifications: Are they worth it? Read More »
The ransomware business hit record highs in 2023 despite falling payment rates, as attackers scaled up the number of attacks and new AI weapons were brought to bear on both sides of the war, promising to make an even bigger impact this year.
The state of ransomware: Faster, smarter, and meaner Read More »
Generative AI could be the holy grail of DevSecOps, from writing secure code and documentation to creating tests. But it could be a major point of failure if not used correctly.
Generative AI poised to make substantial impact on DevSecOps Read More »
By automating repetitive triage and documentation tasks, generative AI systems allow entry-level security analysts to spend more time on investigations, response, and developing core skills.
How GenAI helps entry-level SOC analysts improve their skills Read More »
Risks associated with artificial intelligence have grown with the use of GenAI and companies must first understand their risk to create the best protection plan.
Assessing and quantifying AI risk: A challenge for enterprises Read More »
Code vulnerability is not only a risk of open-source code, with many legacy systems still in use — whether out of necessity or lack of visibility — the truth is that cybersecurity teams will inevitably need to address the problem.
3 ways to fix old, unsafe code that lingers from open-source and legacy programs Read More »
Businesses are using DLP tools to help secure generative AI and reduce risks of ChatGPT and similar applications.
Data loss prevention vendors tackle gen AI data risks Read More »
With growing adoption of zero trust, CISOs must look at all possible blind spots across the organization, be that unmonitored IoT devices or third-party systems, to ensure attackers can’t find a way in.
5 areas where zero trust can’t protect your organization Read More »
