Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the hundreds, spread across departmental stacks, complicating the job of security teams to protect organizations against
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the SaaS supply chain snowball quickly. Thatβs why effective vendor risk management (VRM) is a
As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform.
These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said.
"The model's payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims'
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be attacked and defended. We're going to talk in this
The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years.
βThese security and privacy challenges include the potential for adversarial manipulation of training data, adversarial exploitation of model vulnerabilities to
2023 has seen its fair share of cyber attacks, however thereβs one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new perimeter, and 2023 is only the beginning.
Why non-human access is a cybercriminalβs paradise
People always
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security RisksLike theΒ SaaS shadow ITΒ of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot.Β
Employees are covertly using AIΒ with little regard for established IT and cybersecurity review procedures. ConsideringΒ ChatGPTβs meteoric rise to 100 million users within 60 days of launch, especially with little
Login
FreshRSS