Microsoft on Tuesday announced the release of Project OneFuzz, an open source fuzzing framework for Azure that the tech giant has been using internally for the past year to find and patch bugs.Fuzzing is used to find vulnerabilities and other bugs in software by injecting malformed data into the targeted application to see if it crashes or behaves unexpected

Boston-based developer security company Snyk on Wednesday announced that it has raised $200 million in a Series D funding round, valuing the firm at more than $2.6 billion.The latest funding round, which brings the total raised by Snyk to $450 million, was led by Addition, with participation from previous investors Accel, Amity, Boldstart, Canaan, Coatue, GV

Content delivery network (CDN) provider Fastly (NYSE: FSLY) announced on Thursday that it has agreed to acquire web application security firm Signal Sciences for approximately $775 million in cash and stock. Founded in 2014, California-based Signal Sciences provides web application firewall (WAF) and runtime application self-protection (RASP) technologi

In a previous article, we explored common misconceptions about automation and the realities of using automation to improve security. This article discusses automation best practices as part of an overall Security Orchestration, Automation and Response (SOAR) strategy. Being fully aware of the pitfalls of automation helps frame best practices and provide gre

Adobe has made available in open source a tool designed to identify randomly generated strings in any plain text.Dubbed Stringlifier, the tool was written in Python and leverages machine learning to differentiate random character sequences from normal text sequences.The open-source project should prove helpful when analyzing security and application logs, or

Pentest-as-a-Service (PtaaS) company Cobalt announced on Thursday that it has raised $29 million in a Series B funding round.The funding round, which brings the total raised by the firm to $37 million, was led by venture capital firm Highland Europe, with participation from several angel investors. Cobalt says it will use the money to improve its platform an

With $4 million in seed funding, Adaptive Shield this week emerged from stealth mode to automate the security of software-as-a-service (SaaS) applications.The Tel Aviv, Israel-based startup seeks to tackle the issue of incorrect configuration of SaaS applications, which can expose them to cyberattacks, data leaks, and other risks.SaaS security configuration

Nothing lasts forever. That’s true for cars, devices, even a favorite sweatshirt or pair of jeans. But it is especially true for information technology (IT).  Legacy IT systems stick around in business settings for three main reasons: organizations don’t have the budget to upgrade, teams need to be able to access critical legacy application

Secure Access Service Edge (SASE) and Network-as-a-Service (NaaS) solutions provider Perimeter 81 has closed a $40 million Series B funding round that brings the total raised by the company to $65 million.Founded in 2018 and headquartered in Tel Aviv, Israel, the startup provides a cloud-based Security-as-a-Service (SaaS) solution that aims to secure access

Facebook has announced the availability of Pysa (Python Static Analyzer), an open-source tool designed for the static analysis of Python code.The security-focused tool relies on Pyre, Facebook’s type checker for Python, and allows for the analysis of how data flows through code. It can be used to identify issues related to the protection of user data, as wel

Learn how to fight malwareAny program that runs can be disassembled, but that doesn’t mean it’s going to be easy. In this skills course you’ll learn⇒ Anti-Debugging Techniques⇒ Detecting Debuggers⇒ Anti-DisassemblyStart your free trialIntroductionSecuring cookies is an important subject. Think about an authentication cookie. When the attacker is

IntroductionThere are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass one layer, another layer stands in the way to protect the network. Two of the most popular and significant tools used to secure networks are firewalls and intrusi

Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. Kaspersky also found that DDoS cyberattacks are increasing in duration. Average attack

Industrial cybersecurity firm Claroty this week announced the availability of AccessDB Parser, an open source tool that allows researchers to analyze Microsoft Access database files associated with SCADA applications.AccessDB Parser was initially developed to improve the scanning capabilities of Claroty Continuous Threat Detection (CTD)’s Application DB (App

In a perfect world, all organizations would implement Zero Trust for its inherent security benefits. In today’s uncertain environment, every security strategy that mitigates risk is critical, and the role of Zero Trust is even more relevant in the work-from-home era. By nature, employees’ home environments are more vulnerable with a higher likelihood o