Password-Cracking Teams Up in CrackQ Release

The open source platform aims to make password-cracking more manageable and efficient for red teams. Security services firm Trustwave has released an open source project aimed at companies that want to provide password-cracking as a service to their security teams and red teams, the company announced today at the Black Hat Europe conference. Using the
Read more
1 Comment

An Alarming Number of Software Teams Are Missing Cybersecurity Expertise

The overwhelming majority of developers worry about security and consider it important, yet many lack a dedicated cybersecurity leader. Despite concerns over software security, many companies have not assigned a cybersecurity leader to help secure their applications — a problem that will only worsen as demand for technical security experts deepens worldwide. In data published on
Read more
2 Comments

An Alarming – and Growing – Number of Software Teams Are Missing Cybersecurity Expertise

The overwhelming majority of developers worry about security and consider it important, yet many lack a dedicated cybersecurity leader. Despite concerns over software security, many companies have not assigned a cybersecurity leader to help secure their applications — a problem that will only worsen as demand for technical security experts deepens worldwide. In data published on
Read more
2 Comments

What Security Teams Can Do Now

Knowing the methods of the attacker, as laid out in the federal indictment, allow us to prevent similar attacks. Oh, the Monday blues. You start the week moody because the weekend is over, though the feeling typically subsides once you’re in the office. But for the 106 million people with stolen data affected by the
Read more
10 Comments

Developers and Security Teams Under Pressure to Collaborate

The challenges and benefits to getting two traditionally adversarial groups on the same page. AWS re:Inforce – BOSTON – The path to secure development involves closer collaboration between the security and developer teams, a duo with a traditionally rocky relationship. Application security, DevOps, and DevSecOps were all terms frequently heard this week at Amazon Web
Read more
8 Comments

6 Ways Mature DevOps Teams Are Killing It in Security

New survey shows where “elite” DevOps organizations are better able to incorporate security into application security. 1 of 7 The automation, stability of infrastructure, and inherent traceability of DevOps tools and processes offer a ton of security and compliance upsides for mature DevOps organizations. According to a new survey of over 5,500 IT practitioners around
Read more
244 Comments

How the Best DevSecOps Teams Make Risk Visible to …

DevOps-minded CISOs say enterprise security teams need to do a better job scoring and visualizing risk for developers and business executives. One of the biggest challenges security practitioners and leaders face in their mission to embed application security (AppSec) into the software development life cycle is a lack of engagement from developers. Leaders in DevSecOps
Read more
192 Comments

3 Places Security Teams Are Wasting Time

Dark Reading caught up with RSA Security president Rohit Ghai at the RSA Conference to discuss critical areas where CISOs and their teams are spinning their wheels. RSA CONFERENCE 2019 – San Francisco – If a single adjective could describe the universal attendee experience at the RSA Conference, it would probably be “overwhelmed.” There were nearly
Read more
85 Comments