Mark Sherman, CMU’s CERT director, discusses the capabilities and limitations of LLMs for fixing insecure code.

RSAC 2025: Being realistic about fixing code with LLMs

Laura FrenchApril 29, 2025

More than 2,500 test runs show the code analysis capabilities and limitations of popular models.

RESOURCES

PODCASTS

Network Security
Security Weekly News Interviews Participants and Coaches at NECCDC – SWN #472
Application security
Secure Designs, UX Dragons, Vuln Dungeons – Jack Cable – ASW #328
Application security
The Future of Access Management – Jeff Shiner – ESW #404
Incident Response
The reason for Zoom’s outage is crazy, huge funding amounts before RSA – ESW #404
Breach
Reviewing the Verizon 2025 Data Breach Investigations Report – ESW #404

FEATURED

Perspectives Spotlight: Expert Insights

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

SAP is a German based multinational software corporation

Vulnerability Management

Over 400 servers found to be exposed to SAP NetWeaver bug

Steve ZurierApril 29, 2025

Active exploitation of flaw with 10.0 CVSS has been confirmed.

Abhilasha Bhargav-Spantzel (left) and Aditi Shah of Microsoft discuss the importance of inclusivity in identity management.

AI/ML

RSAC 2025: Agentic AI highlights need for inclusive authentication methods

Laura FrenchApril 29, 2025

Flexibility aids both AI agent and disability-accessible identity management.

RSAC

RSAC 2025 Keynote: Cisco open-sources AI security tools

Tom Spring April 29, 2025

Facing surging attacks and an unpredictable AI future, Cisco, Microsoft, Trellix, and RSAC leadership call for a fundamental rethinking of cybersecurity defenses.

Identity

VeriSource cops to 4 million accounts lost in 2024 data breach

Shaun NicholsApril 28, 2025

VSI, VeriSource's parent company, said the investigation and notification process took over a year.

RSAC

BSides SF: How consumer cloud services can command and control malware

Paul WagenseilApril 28, 2025

Safe-seeming cloud services like Google Drive and Trello have everything attackers need to remotely control infected hosts, and most defenders have no idea.

Vulnerability Management

Secure by design? At RSAC 2025, experts warn: We’re not winning yet, but we could

Tom Spring April 28, 2025

At RSAC 2025, experts say Secure by Design is delivering real wins — yet unchecked development speed and supply chain risks still threaten progress.

AI/ML

RSAC 2025: Using an ‘MRI’ for neural networks to understand LLM jailbreaks

Laura FrenchApril 28, 2025

CyberArk researchers studied how specific neurons and layers of LLM architecture respond to prompts.

Iran Flag Digital Binary Code Cyberpunk Technology Concept

Critical Infrastructure Security

Iran claims to repel cyberattack on critical infrastructure

Steve ZurierApril 28, 2025

Details are scarce, so security experts say jumping to conclusions on who executed the alleged cyberattack is premature.

Cybersecurity News, Awards, Webinars, eSummits, Research

RSAC 2025: Being realistic about fixing code with LLMs

RESOURCES

RSAC 2025 executive interview: Cobalt’s Gunter Ollman

RSAC 2025 executive interview: Semperis’ Marty Momdjian

RASC 2025 executive interview: Oligo Security’s Gal Elbaz

PODCASTS

Security Weekly News Interviews Participants and Coaches at NECCDC – SWN #472

Secure Designs, UX Dragons, Vuln Dungeons – Jack Cable – ASW #328

The Future of Access Management – Jeff Shiner – ESW #404

FEATURED

Perspectives Spotlight: Expert Insights

Get daily email updates

Perspectives

5 ways cloud security teams can apply Agentic AI

Why our industry must shift from prevention to cyber resilience

Navigating the 8D city: Why multi-dimensional network security is no longer optional

AI agents feeding the dark web require new security tactics

3 ways to build a ransomware IR strategy that works

In Brief

Zero-day intrusion purportedly thwarts BreachForums comeback

Bill mandating router security evaluations receives House OK

Trump’s undermining of federal cyber efforts demands outrage, says ex-CISO chief Krebs

Akira ransomware reportedly disrupts Hitachi Vantara

Data breach disclosed by UrbanOne following Cactus ransomware claims

More Resources

CyberSG TIG Collaboration Centre RSAC 2025 interview: cloudsineAI’s Matthias Chin

CyberSG TIG Collaboration Centre RSAC 2025 interview: Silverfort’s Hed Kovetz

RSAC 2025 executive interview: Devo’s Jason Mical

RSAC 2025 executive interview: Apiiro’s Idan Plotnik

AI at RSAC: The innovations that will shape cybersecurity’s future

Over 400 servers found to be exposed to SAP NetWeaver bug

RSAC 2025: Agentic AI highlights need for inclusive authentication methods

RSAC 2025 Keynote: Cisco open-sources AI security tools

VeriSource cops to 4 million accounts lost in 2024 data breach

BSides SF: How consumer cloud services can command and control malware

Secure by design? At RSAC 2025, experts warn: We’re not winning yet, but we could

RSAC 2025: Using an ‘MRI’ for neural networks to understand LLM jailbreaks

Iran claims to repel cyberattack on critical infrastructure

EVENTS

Mastering Attack Surface Management: Strategies for Securing the Expanding Digital Frontier

Mainframe security: Identifying threats, vulnerabilities, and risk mitigation strategies

AI Governance: Balancing Innovation, Ethics, and Security

Breaking Barriers: Solving AppSec Challenges in Financial Services

Detection-as-Code: A New Playbook for Smarter Security Operations