Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development
Dependency management is one of the biggest challenges in modern software development.
Read MoreStay Informed
Sign up to receive the latest security news and trends straight to your inbox from Trustwave.
Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks
I think you’ll agree with me that growth in the AI landscape is pretty full-on at the moment. I go ...
Read MoreWhy Principle of Least Privilege Matters More Than Ever in a World of Backdoored Large Language Models (LLMs)
The concept of “principle of least privilege” has been around for a long time. In fact, it is older ...
Read MoreFort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster, we ...
Read More2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector
2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key ...
Read MoreExploring an Experimental Windows Kernel Rootkit in Rust
Around two years ago, memN0ps took the initiative to create one of the first publicly available ...
Read MoreHypervisor Development in Rust for Security Researchers (Part 1)
In the ever-evolving field of information security, curiosity and continuous learning drive ...
Read MoreYour Money or Your Data: Ransomware Readiness Planning
Today’s blog installment brings us to the end of our 30-week journey that covered 30 cybersecurity ...
Read MoreThe Willy Wonka World of Application Security Defenses
One doesn’t have to be a magician to understand how to track the hundreds, if not thousands, of ...
Read MoreThe Bug Stops Here: Using DevSecOps Workflows for Pest-Free Applications
Developers and cybersecurity have an interesting relationship. Developers have no problem with ...
Read MoreThe Art of Deception: Turning the Tables on Attackers with Active Defenses
Once an attacker enters your network, one of their first actions will be to try and hide their ...
Read MoreKnowing your Enemy: Situational Awareness in Cyber Defenses
Most homeowners know that a lock is a good idea as a basic defense against invaders, and leaving ...
Read MoreUsing AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys
When working with Amazon Web Services (AWS), we often find that various AWS services need to store ...
Read MoreTips for Optimizing Your Security Operations Framework
Building an effective Security Operations framework that provides the right balance of people, ...
Read MoreNetwork Isolation for DynamoDB with VPC Endpoint
DynamoDB is a fully managed NoSQL database service offered by Amazon Web Services (AWS). It is ...
Read MoreCyber Exterminators: Monitoring the Shop Floor with OT Security
Pressure is increasing on manufacturers to monitor their shop floors for malicious activity to ...
Read MoreImportant Security Defenses to Help Your CISO Sleep at Night
This is Part 13 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreHow to Create the Asset Inventory You Probably Don't Have
This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreProtecting Zion: InfoSec Encryption Concepts and Tips
This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreEDR – The Multi-Tool of Security Defenses
This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreThe Invisible Battleground: Essentials of EASM
Know your enemy – inside and out. External Attack Surface Management tools are an effective way to ...
Read MoreThe Secret Cipher: Modern Data Loss Prevention Solutions
This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The ...
Read MoreTrustwave's Action Response: Multiple Log4j Zero-Day Vulnerabilities
Updates: Dec. 29: Updated to cover three additional CVEs: CVE-2021-4104, CVE-2021-44832, and ...
Read MoreWardrive, Raspberry Pi Style!
I purchased a Raspberry Pi a few weeks back. I found that I could power it, with a WiFi card and a ...
Read More