Bleeping Computer

GitHub now allows enabling private vulnerability reporting at scale

GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging to an organization. Once toggled on, security researchers ...
Forbes

API Penetration Testing And API Vulnerability Assessment: Use The Right Tool For The Right Job

API vulnerability scanning and API penetration testing are both important methods for ensuring the security of an API, but they have distinct differences in terms of their scope, methodology and ...
adtmag.com

Waratek Adds Log4J Scanner and API Security to its Java Security Platform

The Java security specialists at Dublin-based Waratek have released a new Log4J Vulnerability Scanner and added API security to their Java Security Platform, the company announced recently. The ...
Bleeping Computer

GitHub rotates keys to mitigate impact of credential-exposing flaw

GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. This unsafe ...
CSOonline

GitHub releases new SDLC security features including private vulnerability reporting

GitHub also announces CodeQL support for Ruby programming language and coverage/risk overviews to help users secure the software development lifecycle. GitHub has announced new security features ...
Morningstar

Detectify Launches Dynamic API Scanner with over 900 Quintillion Payloads

Detectify, the application security testing platform for evolving attack surface coverage, today announced the expansion of its AppSec platform to include advanced API scanning capabilities, providing ...
ZDNet

Google open-sources Tsunami vulnerability scanner

Google has open-sourced a vulnerability scanner for large-scale enterprise networks consisting of thousands or even millions of internet-connected systems. Named Tsunami, the scanner has been used ...