Transitioning from vulnerability management to vulnerability remediation
Like many people, I’m glad 2020 is almost over. I am, however, excited about 2021. Here are three trends I believe will impact how well (or not) companies will be able to …
How to make DevSecOps stick with developers
While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept. The truth is that DevOps has …
Cloud-native benefits stifled by critical security and networking issues
While most organizations today are using cloud-native apps, Kubernetes and microservices, they struggle to secure and connect the complex environments resulting from them, a …
Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)
A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code …
Theory and practice of web application security efforts in organizations worldwide
75% of executives believe their organization scans all web applications for security vulnerabilities, while nearly 50% of security staff say they don’t, a Netsparker …
How important is monitoring in DevOps?
The importance of monitoring is often left out of discussions about DevOps, but a Gartner report shows how it can lead to superior customer experiences. The report provides …
Most AppSec pros see a growing divide between them and developers
75% of AppSec practitioners and 49% of developers believe there is a cultural divide between their respective teams, according to ZeroNorth. As digital transformation takes …
Database monitoring improves DevOps success for financial services orgs
The financial services sector is outperforming other industries, both in its adoption of database DevOps, and its use of monitoring to track database performance and …
Most dev and IT practitioners work extra hours resolving incidents
PagerDuty released a new worldwide study highlighting that more than 80% of organizations have experienced a significant increase in pressure on digital services since the …
Essential features of security automation for the AWS platform
DevSecOps tactics and tools are dramatically changing the way organizations bring their applications to fruition. Having a mindset that security must be incorporated into …
Swap Detector: Open source tool for detecting API usage errors
GrammaTech has released Swap Detector, an open source tool that enables developers and DevOps teams to identify errors due to swapped function arguments, which can also be …
Large-scale migrations away from on-premise environments are underway
COVID-19 has had a massive effect on DevOps, leading to large-scale migrations away from on-premises environments, a Codefresh survey reveals. At the same time, DevOps …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM