code Archives - Help Net Security

code

Increasing speed of vulnerability scans ultimately increases security fixes overall

August 6, 2021

Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their …

The destructive power of supply chain attacks and how to secure your code

August 5, 2021

In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques …

Most third-party libraries are never updated after being included in a codebase

June 24, 2021

79% percent of the time, third-party libraries are never updated by developers after being included in a codebase – despite the fact that more than two thirds of fixes …

Data teams are discovering the benefits of automation and flexible coding

June 14, 2021

Ascend.io announced results from its research study about the work capacity and priorities of data teams, including data analysts, data scientists, data engineers, and …

Enhancing cyber resilience: What your team needs to know

June 9, 2021

In the wake of malicious attacks, we often witness everyone focusing on searching for those responsible, as opposed to how or why the attack took place and the most critical …

A leadership guide for mitigating security risks with low code platforms

May 25, 2021

The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs). The …

The basics of security code review

May 19, 2021

With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …

University of Minnesota researchers fail to understand consent

May 19, 2021

You’d think with all the recent discussion about consent, researchers would more carefully observe ethical boundaries. Yet, a group of researchers from the University of …

Commercial third party code creating security blind spots

May 18, 2021

Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, a VDC Research …

When exploit code precedes a patch, attackers gain a massive head start

May 14, 2021

Cybersecurity researchers that publicize exploit code used in cyberattacks are giving a clear and unequivocal advantage to attackers, new research conducted by Kenna Security …

Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools

May 13, 2021

As modern infrastructures get more complex everyday, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of factors involved when running …

Managing and maturing Kubernetes security in the enterprise

April 28, 2021

The TL;DR version of the Infoworld article went something like this: “Companies are shying away from managing their own Kubernetes clusters and more and more, turning to …

code

Increasing speed of vulnerability scans ultimately increases security fixes overall

The destructive power of supply chain attacks and how to secure your code

Most third-party libraries are never updated after being included in a codebase

Data teams are discovering the benefits of automation and flexible coding

Enhancing cyber resilience: What your team needs to know

A leadership guide for mitigating security risks with low code platforms

The basics of security code review

University of Minnesota researchers fail to understand consent

Commercial third party code creating security blind spots

When exploit code precedes a patch, attackers gain a massive head start

Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools

Managing and maturing Kubernetes security in the enterprise

Don't miss

US agricultural co-op hit by ransomware, expects food supply chain disruption

Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings

The complexities of vulnerability remediation and proactive patching

How to retain the best talent in a competitive cybersecurity market

Securing Kubernetes as it becomes mainstream