API Security Insights from ESG Research on Trends in Modern Application Protection

My colleague John Grady completed a new research report on Trends in Modern Application Protection. It covers how organizations are modernizing their application architectures and the challenges they are seeing in web application and API protection platforms. In this video, we discuss some of his findings on API security. Watch the video below to learn about:

  • The growth of APIs
  • Challenges and methods to secure them
  • API incidents that organizations have experienced and their impacts
  • Methods of remediating API coding errors and their effectiveness
  • What to look for in an API protection platform
Topics: Cybersecurity

Using Data Security to Defend Against Ransomware

As ransomware actors have gained in experience and sophistication, they've adopted new tactics. Before encrypting your data, they exfiltrate it. This way, they can make you pay twice--first for an encryption key, and second, an extortion fee to prevent the attacker from publishing your sensitive data.

Data security encompasses the principles and practice of ensuring legitimate access and preventing unauthorized access to data to preserve the cybersecurity triad of confidentiality, integrity, and access (CIA). A data security platform that enables you to discover, classify, and protect your sensitive data can stop a ransomware attacker from data exfiltration and limit your exposure to extortion.

Topics: Cybersecurity

2023 Will Be the Year for Passwordless Authentication

Easy-to-remember passwords are easy to crack. Strong passwords are hard to remember,
leading to password reuse and the risk of password compromise that causes multiple account takeovers. Passwords are risky business.

Multifactor authentication (MFA) is a way to combat the inherent weaknesses of passwords. Yet MFA is also susceptible to compromise. Passwordless authentication based on the FIDO standards and public key encryption is the new archetype for authentication, and is phishing- and compromise-resistant. 

Topics: Cybersecurity

Women in Cybersecurity: Laurie Haley

This episode of Women in Cybersecurity features my dear friend, Laurie Haley, VP of Strategic Alliances at application security company Veracode . I

first met Laurie when we worked together at Qualys, where she was a superstar sales leader who had a technical background. She got her start in tech support, moving into network engineering, and then into cybersecurity roles at VeriSign and SecureWorks. Then she worked at CVS doing vulnerability management before moving to Qualys, where she spent nearly nine years, including serving as Executive VP of Worldwide Field Operations. Now she heads up strategic alliances for Veracode. With her technical background and her understanding of customer needs, she is passionate about helping them solve their biggest cybersecurity challenges with effective solutions. 

Don't miss her video below, and be sure to check out the full audio interview.

Topics: Cybersecurity women in cybersecurity