Security news aggregator

Latest coverage for Startup

Startup cybersecurity covers protecting early-stage systems, customer data, and funding from breaches, fraud, and resource-driven weaknesses.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A startup is a young company developing a product or service, usually while its team, technology, and business processes are still changing rapidly. In information security, that pace and limited staffing can leave security ownership unclear or controls behind the product. Startups may also hold valuable intellectual property, customer information, credentials, and access to cloud services, making protection of those assets material even before the company is large.

Security coverage for startups commonly concerns exposed cloud resources, leaked secrets, excessive access privileges, vulnerable open-source dependencies, and incidents involving suppliers or hosted platforms. Useful safeguards include an inventory of systems and data, multi-factor authentication, least-privilege access, managed secrets, dependency and vulnerability management, centralized logging, and a tested process for reporting and responding to incidents. Customers and investors may also assess whether stated privacy or security commitments match the startup’s actual controls and operating practices.

Showing 4 most recent headlines Filtered view

OpenAI's first security hire, Ari Herbert-Voss, thinks more automated bug finding will improve security without costing jobs Black Hat Asia Open source models can find bugs as effectively as Anthropic's Mythos, according to Ari Herbert-Voss, CEO of AI-powered security startup RunSybil and OpenAI's first security hire.…

Bank Info Security 2 months, 3 weeks ago

Why Cisco Is Eyeing Buy of Non-Human Identity Startup Astrix

Deal Would Help Cisco Expand Footprint Beyond Authentication, ITDR and ISPMCisco's cyber M&A dry spell could soon come to an end, with the company reportedly in talks to acquire New York-based non-human identity startup Astrix Security for between $250 million and $350 million. That would represent at least a 25% premium to the startup’s last valuation of around $200 million.

Hackpocalypse deferred Anthropic's Mythos model is purportedly so good at finding vulnerabilities that the Claude-maker is afraid to make it available to the general public for fear that criminals will take advantage. But early analysis shows that Mythos may not be as dangerous as some would have you believe.…

Two weeks ago, a suspected North Korean threat actor slipped malicious code into a package within Axios, a widely used JavaScript library. The immediate concern was the blast radius: roughly 100 million weekly downloads spanning enterprises, startups, and government systems. But beyond the sheer scale, the attack’s speed was just as worrisome – a stark […] The post Why the Axios attack proves AI is mandatory for supply chain security appeared first on CyberScoop.