Traditional static application security testing (SAST) tools are falling short. That’s the key takeaway from a recent report that tested these tools against nearly 3,000 open-source code repositories. The results: more than 91% of flagged vulnerabilities were false positives. The…
Tag: Help Net Security
How C-suite roles are shaping the future of tech leadership
As companies accelerate towards technology-driven business models, the tech C-suite is embracing new skills, greater influence, and a unified approach to business transformation, according to Deloitte. Top priorities for tech leaders (Source: Deloitte) With insights from a range of C-level…
AWS launches new cloud security features
Amazon Web Services has announced new and improved security features at its annual AWS re:Inforce cloud security conference. The company has also introduced features aimed at speeding up backup recovery, and has announced the completion of its push to protect…
Bitdefender acquires Mesh to boost email protection for businesses and MSPs
Bitdefender announced it has agreed to acquire Mesh Security Limited (Mesh), a provider of email security solutions. Through the acquisition, Mesh’s email security technology and capabilities will be integrated into Bitdefender’s extended detection and response (XDR) platform and managed detection…
Cloudflare Log Explorer detects security and performance issues
Cloudflare announced Cloudflare Log Explorer to help give businesses instant access to critical security and performance insights across their IT environments. Now, customers can analyze, investigate, and monitor for security attacks with log line level insights across their entire business–natively…
Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)
Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable Authentication Modules (PAM)…
Jumio Liveness Premium combats deepfakes and injection attacks
Jumio launched Jumio Liveness Premium with advanced deepfake detection, the company’s most advanced biometric liveness detection solution to date. Jumio’s premium solution leverages a patented Jumio technology, combining randomized color sequences and AI-driven analysis to confirm human presence in real…
Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security
As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated CNCF Cilium and its sub-project Tetragon, combined with Software Bills of Materials (SBOMs), can provide…
Kusari Inspector improves supply chain security
Kusari unveiled Kusari Inspector, an AI-based pull request security tool that brings cutting-edge security risk analysis directly into developers’ daily workflows. In Kusari Inspector, Kusari has brought together a powerful combination of industry standards, AI, and dependency graph analysis, to…
Dashlane’s AI model alerts businesses to phishing risks
Dashlane introduced AI phishing alerts, an advancement to the Dashlane Omnix platform that protects enterprises and users against threats targeting user credentials. Trained by Dashlane on both legitimate and phishing sources, the new innovation detects and alerts users to phishing…