Never leak secrets to your GitHub repositories again
GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public …
Trained developers get rid of more vulnerabilities than code scanning tools
An EMA survey of 129 software development professionals uncovered that for those using code scanning tools, only 10% of organizations prevented a higher percentage of …
How to improve secure coding education
Did you know that not one of the top 50 undergraduate computer science programs in the U.S. requires a course in code or application security for majors? Yet the threatscape …
What developers want and how to keep them on your team
OutSystems released a new developer jobs report identifying the factors that motivate them to stay with their companies and the frustrations that drive them away. The report, …
Simplifying legal entity identification in the digital age
As the world’s legal entities rush to digitize their processes and transactions, confidence in digital authenticity is in short supply. Thankfully, a single, open and …
Barely one-third of IT pros can vet code for tampering
Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …
Massive shadow code risk for world’s largest businesses
Source Defense announced the results of a study that for the first time sizes the security, privacy, and compliance risks that are literally designed into the digital supply …
Sigstore: Signature verification for protection against supply chain attacks
Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies …
Are businesses ready to implement cloud-native development?
OutSystems released findings from a global survey of IT leaders and developers gauging the benefits and challenges of cloud-native development, with results highlighting stark …
Principles for Kubernetes security and good hygiene
Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations are required to make it less vulnerable. What’s …
81% of codebases contain known open source vulnerabilities
Synopsys released a report which examines the results of more than 2,400 audits of commercial and proprietary codebases from merger and acquisition transactions, and …
86% of developers don’t prioritize application security
Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers …