Tag: CISO

Application programming interfaces have always been important gateways to our applications, but in recent years, they’ve silently become both more prevalent and more central to app functionality. APIs are everywhere and inside of everything we’re using now. Here’s what I mean: In our workplace, more and more traditional business services are being delivered or amplified…

While cloud allows us to offload many responsibilities to third-party providers, risk is not one of them. What’s more, the rising use of cloud, shared code libraries and other third-party resources reduces the visibility and control businesses have over their apps and data, making them even more vulnerable. Businesses today…

We launched the CISO-to-CISO section of F5 Labs in January 2017, with a welcome message from then F5 CISO, Mike Convertino, talking about how we want to encourage security leaders to share and openly discuss ideas on how they protect their organizations. It’s all about security leaders sharing advice for other security leaders. Well, three…

Years ago, I worked on a consulting project for a large financial services company, which had recently invested $20 million into their core offering, a managed services platform for financials that was used by hundreds of customers. We did a Failure Mode Effect Analysis for them, looking at every component making up the major service—every…

Web Application Security

Our biggest research story of the year was our 2019 Application Protection Series, which focused on looking at an entire year of application-related breaches as well as a year of global web attack traffic. In that story, we noted how PHP vulnerabilities comprise 81% of the attack traffic, much of it…

EMEA’s mainstream media’s spotlight on ransomware attacks may have dimmed over the last 18 months but that doesn’t mean the threat has disappeared. There is certainly no room for complacency, and we would do well to pay attention to recent events across the pond. Far from diminishing in disruptive impact, ransomware attacks appear to have…

From tech giants and gamers to politicians and retailers, nobody is safe from today’s mutating threat landscape. 2019 was another frenzied maelstrom of cyberattacks, mitigations, pre-emptions and preventions, with the old (phishing and DDoS et al) rubbing havoc-wreaking shoulders with the new (new vistas in cyberwars, automation and AI). As ever, continuous pressure also begets…

My Apple News app recently served up some targeted marketing that really hit home. There before me was the opportunity to purchase a limited-edition 11 Herbs & Spices Firelog from KFC and Envirolog, sold through Walmart. In addition to the advertising and sales mechanisms that brought me to this point, there are also all of…

Love is purportedly in the air again, but is it being harnessed and channelled in the right direction? This Valentine’s Day, are you doing all you can to lavish protective TLC on your apps? Do you have the right strategies and solutions in place to secure a mutually rewarding, long-term relationship with your apps and,…

In this list, we don’t see any of the significant factored software types, so there are no weights to add here.

Calculating the Likelihood of Exploitation of a Vulnerability

Now that we have all our factors and weights, we can do some simple math in a spreadsheet.

Factor         Weight
Base           -6.18
Web related    0.06
Reference…
