Security Boulevard

Security Boulevard hosts the Security Bloggers Network (SBN), which includes more than 300 member blogs. For over 12 years, SBN has been dedicated to highlighting and sharing insights from some of the top bloggers in the security industry.

Trade/B2B, Consumer

English

Blog

Outlet metrics

Domain Authority

Ranking

Global

#362384

United States

#354335

Computers Electronics and Technology/Computer Security

#924

Traffic sources

Monthly visitors

Articles

Secretless Access for GitHub Actions and Workflows

3 days ago | securityboulevard.com | Dan Kaplan

GitHub Actions environment variables power the automation that builds, tests, and deploys your code. These variables connect your pipelines to external systems, databases, and cloud providers. A 2024 report from Legit Security found that most GitHub Actions workflows have critical security flaws. Over 7,000 workflows interpolate untrusted input, more than 2,500 execute untrusted code, and 86% don’t limit token permissions.
Output-driven SIEM - 13 years later

3 days ago | securityboulevard.com | Anton Chuvakin

Output-driven SIEM! Apart from EDR and SOC visibility triad, this is probably my most known “invention” even though I was very clear that I stole this from the Vigilant crew back in 2011. Anyhow, I asked this question on X the other day:So, what year is this? Let me see … 2025! Anyhow, get a time machine, we are flying to 2012…. whooosh…. … we landed … no dinosaurs in sight so we didn’t screw the time settings. Now, WTH is “output-driven SIEM”?
Security Boulevard

4 days ago | securityboulevard.com | Alex Vakulov |Tom Eston |Michael Bentley

Scott and Tom explain why privacy isn’t dead, why should everyone should care about their privacy, and how you should respond to someone that says “I don’t care about privacy, I have ...
Cities of the Future or Hacker’s Paradise? The Cybersecurity Risks of Smart Cities

4 days ago | securityboulevard.com | Tom Eston

Join us as we explore the concept of smart cities—municipalities enhanced by connected technology like sensors, cameras, and automated systems to improve services and infrastructure. We discuss the inherent vulnerabilities that come with these advancements, including cybersecurity threats and real-life incidents such as hacked crosswalk signals featuring voices of tech moguls.
smart cities Archives

4 days ago | securityboulevard.com | Tom Eston |Brian Anderson |Mike O'Malley |Tony Bradley
ISO 27001 Risk Register Setup: Step-by-Step Guide

6 days ago | securityboulevard.com | Max Aulakh

While we talk a lot on this site about the US Government’s various cybersecurity frameworks, like FedRAMP and CMMC, there’s one significant framework that deserves just as much attention: ISO 27001. ISO 27001, being an ISO standard, is an international framework for cybersecurity divorced from any one country’s government. It’s a way for businesses operating overseas – and even domestically – to demonstrate security in a way that is acknowledged by the international community.
Meta AI is a ‘Privacy Disaster’ - OK Boomer

6 days ago | securityboulevard.com | Richi Jennings

Pundits accuse Zuckerberg’s latest app has a “dark pattern,” tricking the over 50s into oversharing. The Meta AI app’s public feed is full of private, personal, identifiable information. And why are people sharing this stuff in public? Because they don’t realize that’s what the Share button does, apparently. Of course, that’s not what the Share button does in any other app. In today’s SB Blogwatch, we undershare and overlap. Your humble blogwatcher curated these bloggy bits for your entertainment.
dark patterns Archives

1 week ago | securityboulevard.com | Richi Jennings |Sue Poremba |Luana Pascu

The Home of the Security Bloggers Network
Google Cloud Outage Plunges Thousands Into Darkness For Two Hours

1 week ago | securityboulevard.com | Jon Swartz

Alphabet Inc.’s Google Cloud and music streaming platform Spotify were down for more than two hours Thursday, leaving thousands of customers without service, according to outage-tracking website Downdetector.com. “We are experiencing service issues with multiple GCP products,” a Google Cloud status page showed, indicating outages began at 1:51 a.m. ET.
5 Common Ways Non-Human Identities Are Exploited - and How to Secure Them

1 week ago | securityboulevard.com | Dan Kaplan

Non-human identities (NHIs) have become the operational backbone of modern infrastructure. They are used to authenticate to APIs, pull secrets from vaults, move artifacts between systems, and deploy code across environments. Across most organizations, they outnumber human users by an order of magnitude. Yet they are often handled with little structure – provisioned ad hoc, rarely audited, and frequently treated as low-risk. Attackers don’t share that assumption.