Application and platform security

Applications and platform security is the basis of preventing vulnerabilities and attacks. Learn the latest about applications attacks, secure software development, patch management, OS security, virtualization, open source security, API security, web app and server security and more.

August 24, 2022 24 Aug'22
PyPI phishing renews call for mandatory 2FA, package signing

Some developers view compulsory 2FA and package signing as a threat to productivity, but industry experts say such requirements are inevitable amid ongoing cyberattacks.
August 17, 2022 17 Aug'22
Google patches yet another Chrome zero-day vulnerability

Google issued an update Wednesday to address a potentially serious security vulnerability in its Chrome browser, and the company urged users to patch their browsers immediately.
August 16, 2022 16 Aug'22
Mailchimp suffers second breach in 4 months

While the source of the breach has not been confirmed, an attacker got into Mailchimp and gained access to the customer account of cloud hosting provider DigitalOcean.
August 12, 2022 12 Aug'22
Eclypsium calls out Microsoft over bootloader security woes

At DEF CON 30, Eclypsium researchers detailed three new vulnerabilities in third-party Windows bootloaders that were signed with Microsoft's UEFI certificates.

Bring yourself up to speed with our introductory content

cyber attack

A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Continue Reading
stack pointer

A stack pointer is a small register that stores the memory address of the last data element added to the stack or, in some cases, the first available address in the stack. Continue Reading
Pen testing vs. vulnerability scanning: What’s the difference?

Confused by the differences between pen tests and vulnerability scans? You're not alone. Learn the key differences between the two and when each should be used. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

How to conduct a secure code review

Learn how to conduct a secure code review -- a critical step in the software development lifecycle -- to avoid releasing an app with bugs and security vulnerabilities. Continue Reading
Understanding 3 key automated DevSecOps tools

SAST, DAST and SCA DevSecOps tools can automate code security testing. Discover what each testing method does, and review some open source options to choose from. Continue Reading
The awkward state of the remote vs. in-person work debate

TechTarget senior news writer Beth Pariseau discusses return-to-work initiatives for IT pros and in-person tech conferences coming back onto the schedule. Continue Reading

Learn to apply best practices and optimize your operations.

How to ensure a secure metaverse in your organization

Before deploying your company's metaverse, follow these practices -- including inventorying vulnerabilities and developing T&Cs -- to proactively address metaverse security issues. Continue Reading
Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
10 enterprise database security best practices

Beyond protecting enterprise databases from vulnerabilities, it is critical to improve and review their security on a regular basis. Learn more with these database security best practices. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Key software patch testing best practices

Every company has to update and patch its software, but unless the process is carefully managed, serious problems can occur. How can you make sure you're following the right steps? Continue Reading
Use microsegmentation to mitigate lateral attacks

Attackers will get into a company's system sooner or later. Limit their potential damage by isolating zones with microsegmentation to prevent lateral movement. Continue Reading
Protect APIs against attacks with this security testing guide

API security cannot be overlooked. Learn how security testing can detect API vulnerabilities and weaknesses before attackers can take advantage of them. Continue Reading