Boost VM security: 8 key strategies
Virtual-machine ubiquity requires rethinking traditional AppSec controls — and modernizing your approach. Here are essential considerations.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
Boost VM security: 8 key strategies
5 reasons you need an SaaSBOM
Here's why your organization should consider using SaaSBOMs, key challenges — and how to put CycloneDX's xBOM standard into action.
Indirect prompt injection attacks target common LLM data sources
Malicious instructions buried in LLM sources such as documents can poison ML models. Here's how it works — and how to protect your AI systems.
MIT researchers tame AI code with new controls
The sequential Monte Carlo method guides LLMs to produce code that plays by basic programming rules. Here's what you need to know.
Mobile and third-party risk: How legacy testing leaves you exposed
Without modern application security tooling, including binary analysis, the third-party risk management puzzle is incomplete.
Changes to CVE program are a call to action on your AppSec strategy
The CVE's challenges mean it's time to get off the vulnerability hamster wheel and modernize your risk program.
Quantum delivers really random numbers: How that boosts AppSec
Quantum random number generators can make software — including software development secrets — more secure. Here's how it works.
OpenSSF guidelines encourage OSS developers to build securely
The Open Source Secure Baseline provides a framework for securing OSS development — but it could breed complacency.
CISO survey: 6 lessons to boost third-party cyber-risk management
Risk is rising across the software supply chain while visibility remains low, making TPCRM challenging. Here's what you need to know.