Security Boulevard

What happens when cutting-edge technology meets the reality of securing modern applications? That’s the question our expert panel tackled in this conversation on how eBPF is reshaping application security. Moderated by Katie Norton of IDC, the discussion featured Brian Joe (Impart Security), Francesco Cipollone (Phoenix Security), and Daniel Pacak (cloud-native security consultant), who brought insights from across the security landscape.

Starting with eBPF’s roots in network traffic filtering, the panel explored its evolution into a powerful tool for observability and, potentially, security. Along the way, they challenged the hype, highlighted its real-world applications, and didn’t shy away from its limitations. This wasn’t just a tech talk—it was a deep dive into what eBPF can actually deliver and where the industry still needs to innovate.

Key Takeaways

• eBPF in Action: A kernel-level tool that opens up unparalleled visibility into application and system behavior.
• Not a Silver Bullet: eBPF excels at observability, but it’s not a complete security solution. It needs smart engineering to turn raw data into meaningful insights.
• The Cost of Data Overload: More visibility doesn’t always mean better security. Without focus, eBPF can drown teams in noise, not actionable intelligence.
• Bridging the Gap: Legacy applications often remain in the dark. While eBPF thrives in modern cloud-native environments, it offers little for older systems still critical to business operations.
• Future is Context: The real value lies in tools that filter the firehose of data into actionable, risk-reducing insights.

Memorable Insights

Francesco: “With great power comes great responsibility. eBPF gives you visibility, but it doesn’t solve the problem of too many vulnerabilities.”

Brian: “Security teams don’t need more visibility—they need actionable insights that actually reduce risk.”

Daniel: “Innovation with eBPF isn’t about collecting more data—it’s about collecting the right data intelligently.”

Why It Matters

eBPF is undeniably a breakthrough in technology, offering opportunities for greater insight and control over applications. But as the panel made clear, its value lies not in the hype but in its practical application. Whether it’s pinpointing vulnerabilities in sprawling containerized environments or adding an extra layer of defense in critical systems, the focus should be on solving real problems efficiently.

Ready to separate the eBPF hype from reality? Join the conversation and discover where observability ends and actionable security begins.

‍

/

‍

The post How eBPF is changing appsec | Impart Security appeared first on Security Boulevard.

If approved, the proposed new HIPAA rules will reshape the landscape of healthcare cybersecurity, partially addressing the recent OIG report’s findings on the ineffectiveness of current HIPAA audits. For CISOs, these changes present both opportunities and challenges as they work to enhance their organizations’ cybersecurity practices. The updated compliance requirements for electronic protected health information...

The post What to Know About the Proposed New HIPAA Rules appeared first on Hyperproof.

The post What to Know About the Proposed New HIPAA Rules appeared first on Security Boulevard.

Overview: We hope you had a fantastic holiday! Unfortunately, the Grinch might have left one last surprise for us – Tenable has identified a critical issue affecting Nessus Agent versions 10.8.0 and 10.8.1, causing some headaches for vulnerability management teams. A recent plugin update has rendered these agents offline and unresponsive, halting vulnerability scans on… Continue reading Cyber Heads Up: Tenable Plugin Update Causes Agents to Disconnect from Cloud Console (Read for Fix)

The post Cyber Heads Up: Tenable Plugin Update Causes Agents to Disconnect from Cloud Console (Read for Fix) appeared first on Assura, Inc..

The post Cyber Heads Up: Tenable Plugin Update Causes Agents to Disconnect from Cloud Console (Read for Fix) appeared first on Security Boulevard.

Authors/Presenters: Catherine Ullman

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Curious Case of Alice & Bob: What You Can Do as Digital Investigators appeared first on Security Boulevard.

by Source Defense In a recent high-profile incident covered by Forbes, our Source Defense Research team identified a sophisticated Magecart attack targeting the European Space Agency’s online store. This case study demonstrates why leading organizations worldwide trust Source Defense to protect their client-side security. In the December 2024 incident, Forbes reported what it called “one

The post Holiday Shopping Meets Cyber Threats: How Source Defense Detected the ESA Store Attack appeared first on Source Defense.

The post Holiday Shopping Meets Cyber Threats: How Source Defense Detected the ESA Store Attack appeared first on Security Boulevard.

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Skew-T Log-P’ appeared first on Security Boulevard.

As we kick off 2025, software's role in our daily lives has never been more apparent, and the integrity of our open source components has never been more important. We have the privilege of working with organizations around the world to secure their software supply chains, and the new year provides an opportunity for us to celebrate those customers who have put their trust in us.

The post Sonatype customers leading with innovation in the new year appeared first on Security Boulevard.

Author/Presenter: Lukas McCullough

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Physical OSINT appeared first on Security Boulevard.

A WordPress plugin known as PhishWP, has been discovered on Russian cybercrime forums and is being exploited by cybercriminals to steal sensitive data from unsuspecting users.  

The post WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps appeared first on Security Boulevard.

Discover how a global insurance leader leverages DataDome to protect endpoints from sophisticated bots, achieve GDPR compliance, block brute-force attacks, and gain actionable threat insights.

The post How a Global Insurer Protects Customer Data & Achieves Compliance With DataDome appeared first on Security Boulevard.

The post SAQ A-EP: Top 5 Actions Merchants Must Take to comply with PCI DSS 4 Requirements 6.4.3 and 11.6.1 by March 31, 2025 appeared first on Feroot Security.

The post SAQ A-EP: Top 5 Actions Merchants Must Take to comply with PCI DSS 4 Requirements 6.4.3 and 11.6.1 by March 31, 2025 appeared first on Security Boulevard.

As we begin 2025, artificial intelligence (AI) continues to be both a game-changer and a point of contention in the software industry.

The post 2025 predictions: Artificial intelligence (AI) appeared first on Security Boulevard.

China is continuing to target U.S. entities in its efforts regarding Taiwan, including using state-sponsored Flax Typhoon to compromise Guam infrastructure. U.S. are pushing back, with the Treasury Department sanctioning a Chinse cybersecurity firm accused of aiding in some of the attacks.

The post China’s Salt Typhoon Attacks Guam entity; US Sanctions Chinese Company appeared first on Security Boulevard.

Join us for our first industry webinar of 2025: Beyond the Perimeter: Addressing Blind Spots in Identity Security for 2025.

Our founder Simon Moffatt will be in conversation with Silverfort CEO Hed Kovetz, where they'll be chatting about the rise and need for identity security - what it is, how it works and how to get there.

The post Addressing Blind Spots in Identity Security for 2025 appeared first on The Cyber Hut.

The post Addressing Blind Spots in Identity Security for 2025 appeared first on Security Boulevard.

Torq has extended the reach of the generative artificial intelligence (AI) capabilities spanning its security operations center (SOC) platform to now include multiple agents.

The post Torq Adds Bevy of AI Agents to Automate Cybersecurity Workflows appeared first on Security Boulevard.

As December 2024 comes to a close, we’re surfacing the latest updates to sensitive permissions and services from AWS. Keeping up with these changes is necessary for maintaining a strong cloud security posture and ensuring that sensitive permissions are managed with care. This month’s updates feature new sensitive permissions across existing services and several new […]

The post December Recap: New AWS Sensitive Permissions and Services appeared first on Security Boulevard.

by Source Defense With the introduction of PCI DSS 4.0, merchants are now grappling with new requirements that aim to enhance the security of cardholder data. At a QSA roundtable hosted by Source Defense, industry veterans gathered to dissect these changes and their implications for businesses of all sizes. Understanding the New Requirements PCI DSS

The post Navigating the New PCI DSS 4.0 Requirements: Key Takeaways from Industry Experts appeared first on Source Defense.

The post Navigating the New PCI DSS 4.0 Requirements: Key Takeaways from Industry Experts appeared first on Security Boulevard.

Understand bot traffic and which bots you may want to protect from. While some bot traffic is beneficial, learn about bot attacks and how you can protect your website's security.

The post What is Bot Traffic? How to Protect Your Website Against Unwanted Bot Traffic appeared first on Security Boulevard.

DigiCert has made available a Domain Control Validation (DCV) library under an open-source software license as part of a larger effort to enable certificate authorities (CAs) to reduce total costs.

The post DigiCert Open Sources Domain Control Validation Software appeared first on Security Boulevard.

Four actionable tips that will enable you to enhance the human element of your cybersecurity posture, transforming potential vulnerabilities into robust defenses.

The post 4 Tips to Fortify the Human Element in Your Cybersecurity Posture appeared first on Security Boulevard.