Top vulnerabilities in 2024 and what to watch for in 2025
The financial services industry continues to be hit hard by malicious actors, with the average cost of a data breach in the sector increasing to…
Category: Mix
The Cost Savings of Fixing Security Flaws in Development
When security incidents from software defects happen, retrospectives often tell the story of heroic remediation in the form of a few hundred lines of code (or…
Making security a business value enabler, not a gatekeeper
The traditional perception of security within an organization is as a barrier rather than a facilitator, imposing approval processes and regulations that inevitably slow down…
PortSwigger and SAP forge strategic partnership to enhance enterprise web security
Andrzej Matykiewicz | 25 February 2025 at 14:34 UTC In today’s rapidly evolving digital landscape, securing web applications at scale is a challenge, even for…
AI State Management (AISM) | Daniel Miessler
One of the biggest pushbacks against AI is best articulated as a single question. So what? The argument goes something like this: Cool. So we…
I Found a Bug in Meta AI That Let Me Upload Explicit Content and Have AI Create More
Meta AI Studio had a vulnerability that allowed anyone with a Facebook account to upload explicit images and use the AI to generate even more…
Strengthening Digital Resilience Through API Security
The Digital Operational Resilience Act (DORA) is one of the most significant cybersecurity regulations for financial institutions in the European Union (EU). Failure to comply…
Celebrating 10 Years of Partnership: Snap and HackerOne Reach $1M in Bounties
Q: Tell us about your role at Snap and why cybersecurity is vital to your business. Jim Higgins: I’m Snap’s Chief Information Security Officer (CISO).…
A New Approach to Proving Cybersecurity Value (That Isn’t ROI)
Over the past 8 months, Luke (hakluke) Stephens and I have spoken with 10 security executives, surveyed over 550 security professionals, and incorporated insights from HackerOne’s…
We have Enough AI for AGI
I wrote recently about the difference between Functional and Technical AGI. I argued that Technical AGI is the real deal (AI that can generalize it’s…
Functional vs. Technical AGI | Daniel Miessler
I think we should make a distinction between Functional AGI and Technical AGI. Functional AGI is what I use in my definition of AGI—basically an…
Software vulnerabilities in 2024 | Intigriti
The software industry continues to evolve rapidly, driven by the adoption of cloud services, increasingly complex SaaS ecosystems, and the reliance on open-source components. But…