High risk vulnerability discovered in Sauter CASE Suite building automation software

Applied Risk researcher, Gjoko Krstic, has identified a security vulnerability in the Sauter CASE Suite, a software package used to handle building automation projects with energy-efficient strategies and methods. The Sauter CASE Suite is a building management software that is used for project engineering and control functions of building management systems within both office and industrial environments. The application suffers from an XML External Entity (XXE) vulnerability, which can be used to cause a Denial … More

Test IO introduces Bug Fix Confirmation, leveraging network of software testers to verify bug fixes

Test IO released a new product to help software teams verify that bugs are fixed in real-world conditions before software is released. Bug Fix Confirmation leverages test IO’s network of software testers to ensure that identified bugs are fixed so software releases go out on schedule. Verifying resolution of bugs is a standard step in the software development cycle and a bottleneck in release processes. It is troublesome for companies whose development teams have prioritized … More

IKARUS Security Software partners with PolySwarm to advance early malware detection

PolySwarm partners with IKARUS Security Software to advance its early malware detection capabilities. IKARUS will assist PolySwarm in its efforts to expand its network of antivirus vendors and developers by uploading IKARUS’ engine into Polyswarm’s marketplace. “The way PolySwarm compensates security companies for successfully detecting potential threats will pave the way to a new era in threat detection,” said Mario Bono, head of the malware lab at IKARUS. “The ability to access a vast stream … More

LookingGlass Cyber Solutions software platform manages third party cyber risks

LookingGlass Cyber Solutions released its Third Party Risk Monitoring offering. Built on the ScoutPrime platform, the LookingGlass subscription service offering leverages the threat data along with a team of expert security and intelligence analysts to mitigate risks, provide visibility into potential vendor exposure, and reduce time to action with negligible false positives. Beyond the digitized walls of every company is a world of vendors, suppliers, providers, and subsidiaries, all connected to a company’s network or … More

First release of StarlingX open source edge cloud software now available

StarlingX — the open source edge computing and IoT cloud platform optimized for low latency and high performance applications — is available in its first release. The project was established in May as a pilot project supported by the OpenStack Foundation (OSF) and builds on code contributed by Wind River and Intel Corporation. StarlingX delivers services to help fill the gaps in the open source edge cloud ecosystem to meet requirements of edge use cases … More

Checkmarx and Fishtech Group partner to help businesses fight software exposure risk

Checkmarx formed a strategic partnership with Fishtech Group to enable customers across North America manage software exposure at the speed of DevOps. Working together, Fishtech Group will become a reseller of Checkmarx’s Software Exposure Platform to help customers release secure software. “Checkmarx is helping to transform the software security industry by moving beyond traditional security testing to managing total software exposure across the entire SDLC,” said Barry Cooper, Vice President of Marketing and Corporate Communications … More

Repairnator bot finds software bugs, successfully submits patches

Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? A group of researchers from the University of Lille & Inria Lille (France) and the KTH Royal Institute of Technology (Sweden) have been researching the possibility for a while now, and their Repairnator bot, which is specialized to repair build failures happening during continuous integration, … More

Passware Kit: Forensic software recovers passwords for Bitcoin wallets

Passware announces Passware Kit recovers passwords for popular Bitcoin wallet services: Blockchain.com (known previously as Blockchain.info) and Bitcoin Core. Bitcoin is decentralized peer-to-peer digital payment network that is powered by its users with no central authority or middlemen. When Bitcoin wallet passwords are lost or forgotten According to Blockchain.com support, they cannot help their users regain access to their wallets if they have lost or forgotten their passwords. “This is because we don’t have access … More

Latest Building Security In Maturity Model reflects software security initiatives of 120 firms

Synopsys released BSIMM9, the latest version of the Building Security In Maturity Model (BSIMM) designed to help organizations plan, execute, and measure their software security initiatives (SSIs). The ninth iteration of BSIMM reflects data collected over a 10-year study of real-world SSIs across 120 firms. “Development, security, and operations teams need to align, and BSIMM9 provides data suggesting this is taking place through automation, particularly as software shifts to the cloud,” said Dr. Brian Chess, … More

Motorola Solutions adds new features to Ally cloud-based security software

Motorola Solutions announced new features for Ally, its cloud-based security software platform for enterprises in North America. Available now, the enhancements enable communication and real-time information-sharing for security teams. Created for private security companies as well as security teams at hospitals, schools, resorts, manufacturing plants and more, Ally streamlines the management, response and reporting of incidents ranging from an injured employee to more critical situations. “Safety and security are increasingly important in the private sector,” … More