SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …
Operational planning simulation for defense against an attacking drone swarm
The 2018 Winter Olympics in PyeongChang, South Korea stunned the world when they put on a dazzling light show made up of a record-breaking 1,218 drones, all dancing in …
How to make DevSecOps stick with developers
While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept. The truth is that DevOps has …
ControlFlag: Machine programming research tool detects bugs in code
Intel unveiled ControlFlag – a machine programming research system that can autonomously detect errors in code. Even in its infancy, this self-supervised system shows promise …
Researchers aim to improve code patching in embedded systems
Three Purdue University researchers and their teammates at the University of California, Santa Barbara and Swiss Federal Institute of Technology Lausanne have received a DARPA …
Organizations knowingly ship vulnerable code despite using AppSec tools
Nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools, according to Veracode. Among the top reasons cited for pushing vulnerable …
Tech sector job interviews test performance anxiety rather than competence at coding
A study from North Carolina State University and Microsoft finds that the technical interviews currently used in hiring for many software engineering positions test whether a …
A Boxcryptor audit shows no critical weaknesses in the software
More and more companies, self-employed and private customers are using Boxcryptor to protect sensitive data – primarily in the cloud. Boxcryptor ensures that nobody but …
How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
Technologies in all layers of the cloud stack are at risk
As breaches and hacks continue, and new vulnerabilities are uncovered, secure coding is being recognized as an increasingly important security concept — and not just for …
Eye-opening statistics about open source security, license compliance, and code quality risk
99% of commercial codebases contain at least one open source component, with open source comprising 70% of the code overall, according to Synopsys. Open source components and …
Automate manual security, risk, and compliance processes in software development
The future of business relies on being digital – but all software deployed needs to be secure and protect privacy. Yet, responsible cybersecurity gets in the way of what any …
