As more details about the SolarWinds breach come to light, it is important to focus on the facts of the case to determine how best to protect your own system. The Facts: The software supply chain was used as the malware distribution system. The sophistication of the breach was in the undetected manipulation of code over a long [...]
What do the breaches of Carnival, J. Crew and T-Mobile have in common? All three hacks were related to third party breaches and the hackers went after data. The separate incidents show how Companies in different sectors are being targeted to steal and monetize data. These hacks aren’t complex. In fact, it’s the lowest hanging fruits that can have [...]
The incident—revealed in a published report on ZDNet revealed that the details of more than 10.6 million guests who stayed at MGM Resorts were published on a hacking forum due to unauthorized access to a cloud server. Celebrities, tech CEOs, reporters and government officials were some of the victims in this breach. Some of the personal details found on [...]
As the World turns to code, the threat landscape increases and cyber security management becomes more complex. Code is created and distributed amongst different teams within the organization and key elements that indicate the health of code is not easily identified. Developers, CISOs, security committees, executives and boards of directors are struggling to come up with meaningful information to [...]
As the World goes through the Digital Transformation, your city, car, house, bank, business and hospital are all susceptible to being hacked. Nucleaus enables companies of all sizes to continuously monitor code repositories and reports back code vulnerabilities and project dependencies within the early stages of the development cycle. Whether you're a single developer or collaborating with a team, [...]
Let's start with the basics...What is PCI and why is it important? The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle credit cards. The standard was created to increase controls around cardholder data to reduce fraud. Validation of compliance is performed annually or quarterly. It is a PCI DSS requirement [...]
Every aspect of our lives involves computers and the code that runs them so what does Democratizing application code scanning mean, why is it important, and what does it have to do with beer? Before we jump into the beer conversation, let’s discuss application security and the need to simplify the entire process for application code scanning. We developed [...]
OWASP, an international non-profit organization dedicated to web application security, stands for Open Web Application Security Project. OWASP is an open community dedicated to enabling the organization to develop, purchase and maintain application and APIs that can be trusted. One of its core principals is that all of their materials be freely available and easily accessible on their website. [...]
The Nucleaus team isn't just creative at writing code, we can write poems too! Last week, we challenged our team to a poem-hackathon where we asked them to come up with a poem about code scanning. The winner of that challenged received a gift card :) Nucleaus™ scans all the code Searching for vulnerabilities Yes, it finds all those [...]
Nucleaus™, the first of its kind SaaS-based application security platform, has launched in the App Store and Google Play. The mobile application, extending the product line, is changing the way static code analysis tools work. With the launch of this mobile app, Nucleaus has created a milestone for Security SAST tools by introducing a first-to-market mobile security app that [...]
