SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.


We are Seeing Ongoing Struts 2 Attacks

If you’re running web applications on the Internet, then you’re almost certainly seeing probes for the Struts 2 vulnerability (CVE-2017-5638). These attacks started within hours of the vulnerability being released, and we continue to see..


Two New Vulnerabilities added to the OWASP Top 10

The Open Web Application Security Project (OWASP) just released an update to the ten most critical web application security risks.

Back in 2002 I wrote the first OWASP Top 10 list and it was published in 2003. My idea was that application security..


How Can CISOs Create A Balanced Portfolio Of Cybersecurity Products?

We’re entering a world of deepening complexity when it comes to security for the modern enterprise. With companies integrating legacy data centers, manufacturing facilities, and networks with the cloud and the Internet of Things (IoT), all..


US Needs a Federal CISO — A Response to the Appointment of a US Cybersecurity Coordinator

In response to the Trump administration's announcement of the appointment of a White House cybersecurity coordinator, Contrast Security Co-founder and CTO, Jeff Williams, was asked to provide his thoughts in a recently published CSO article, "US Needs a..


What is OWASP, and Why it Matters for AppSec

Vulnerability research conducted by Contrast Labs was referenced in an article "What is OWASP and Why it Matters for AppSec." The Network World article, written by Michelle Drolet, discusses OWASP and why it proves the need for modern,..


Cybersecurity Execs Voice Concern over Trump Travel Ban

Last Friday President Trump signed executive orders that banned nationals of seven countries that included all people hailing from: Iraq, Syria, Iran, Libya, Somalia, Sudan and Yemen. The executive order also bans entry of those fleeing from..


DevOps Security: Turn Security into Code [RSA Preview]

The San Francisco edition of the annual RSA security conference is just around the corner. DevOps security is a hot topic right now, and the RSA schedule includes a day-long seminar dubbed "DevOps Connect: DevSecOps Edition."

The list of security..


The 3 disadvantages of using WAF Network Security

It is time… time to ditch traditional approaches to the way we have managed application security. Specifically, it’s time to ditch your Web Application Firewalls (WAFs). Ten to fifteen years ago, WAF network security revolutionized the way we..


An Executive Viewpoint in 2017: Fighting an Uphill Battle for Cybersecurity

This week, Virtual Strategy Magazine posted Jeff Williams' 2017 cybersecurity predictions as part of its executive viewpoint roundup. Jeff’s predictions focus on cybersecurity’s uphill battle and the explosions we can expect to see along the way.


Where the Industrial IoT Vulnerabilities Lurk in Your Plant

When you connect manufacturing machinery to the internet, you've created a potential gateway for hackers to exploit. Here's a look at the risks you might be facing.

Who would have thought a bunch of DVRs could slow down -- and in some cases, bring..

