Bug bounty and penetration testing programs are often grouped as interchangeable, but they perform distinct functions.
To determine whether both deserve a place within a cybersecurity strategy, it is important to understand their specific qualities and how they have matured over recent years. We spoke to Chris Campbell, lead solutions engineer at HackerOne, to learn more.
Today's IT security teams face several key challenges. Tasked with combating the rising volume and frequency of sophisticated cyber threats, they are bombarded with a tsunami of alerts generated by countless security tools that deliver little context or value-add insight.
Effectively processing and analyzing all this data to identify actionable threat intelligence requires considerable time and effort.
Cloud has been a cornerstone of the computing industry for many years. As it enters its third decade in 2024, economic pressures, anti-monopoly moves and more mean things will look different for hyperscale providers.
We spoke to Amol Dalvi, VP of Product at Nerdio, to discuss what we can expect to see over the next 10 years.
Ensuring observability has always involved three pillars: logs, metrics and traces. However, the reality is that most organizations simply store this information in silos which are incapable of communicating with one another.
Jeremy Burton, CEO of Observe, believes organizations need to go beyond the three pillars of past failed solutions and instead view observability as purely a data problem. We talked to him to learn more.
Friction and lack of communication between development and security teams can lead to problems in software development and testing.
How can we bridge the gap between developer and security teams and help them see that they have common goals? We spoke to Scott Gerlach, CSO and co-founder of StackHawk, the company making web application and API security testing part of software delivery, to find out.
The pandemic led to a dramatic shift in working patterns with many more people working from home or spending less time in the office.
Recently though we've been seeing more calls for staff to go back to the office. So, have working patterns changed for good and if so how can productivity levels be maintained with remote working? We talked to Mark Cresswell, co-founder and executive chairman of Scalable Software, to find out.
The nature of the modern world means that we all have lots of different accounts to manage various services.
Protecting all of these can be a challenge and you can end up with lots of different tools like password managers, VPNs, anti-virus tools and more. It also leads to people getting lazy and reusing passwords.
Over the years, security vendors have pushed companies to integrate their tools into the DevOps pipeline with the promise of being able to move faster and be more secure.
However, the more businesses have matured their DevSecOps practices, the more they have been hit by mountains of reported vulnerabilities and problems that have slowed them down. So, has DevSecOps failed in its promise? We talked to Eitan Worcel, CEO at Mobb, to find out.
Towards the end of last year the American Airlines pilot union was hit with a ransomware attack. This is just one of a growing number of attacks targeting the aviation sector.
What makes the aviation industry such an attractive target and how can it protect itself? We spoke to Marty Edwards, deputy CTO for OT/IoT at Tenable, to find out.
When OpenTelemetry was first released in 2019, there was a good deal of excitement about the prospect of a single standard set of telemetry data for the entire modern software stack.
OpenTelemetry set out to make robust, portable telemetry a built-in feature of cloud-native software, and give developers and platform engineers a common mental model for all the telemetry types.
In May of last year, IBM launched watsonx, its enterprise-ready AI and data platform, and made it generally available in July.
Alongside this it has launched some new free generative AI educational courses and content to help developers and IT practitioners build their AI and open source skills. We spoke with Savio Rodrigues, vice president, ecosystem engineering and developer advocacy at IBM to learn more.
As consumers and businesses undergo a sea change towards mobile interfaces, embracing everything from retail to human resources management, the landscape of mobile security is experiencing a parallel transformation.
With this surge in reliance on mobile devices, threats have become more sophisticated, spanning network vulnerabilities, the proliferation of malware, and the craftiness of phishing schemes.
The use of Apple devices in the enterprise has increased in recent years. But what's behind this trend and how much impact is it having?
We spoke to Weldon Dodd, SVP of community at Apple device management and security specialist Kandji, to discover how Apple has become a strategic choice for businesses, leading to increased employee productivity and even additional revenue opportunities.
The relationship between an organization's chief information officer (CIO) and chief information security officer (CISO) has traditionally been somewhat at odds, since the CIO's job is built around sharing information and the CISO's job is to secure it. Plus, the CIO was normally higher in the organizational hierarchy, which could also cause some tension.
But the relationship has evolved in recent years, to the point where the two positions are often more on par with each other. And with security's growing importance to the business (and the boardroom), the two jobs often share the same goals and responsibilities.
The Payment Card Industry Data Security Standard (PCI DSS) turns 20 next year and has remained largely unchanged during that time. But version 4.0, due to become mandatory from April 2024, will bring the standard bang up to date and usher in a number of big changes.
We spoke to Phil Robinson, principal consultant and QSA at Prism Infosec, to explore what's changing and how organizations can prepare to meet the new requirements.