
Shifting security further left: DevSecOps becoming SecDevOps
Veracode has revealed usage data that demonstrates cybersecurity is becoming more automated and componentized in line with modern software architectures and development …

How to implement security into software design from the get-go
Software professionals know that the working relationship between developers and security teams can be complicated. Most security professionals feel it’s part of a …

Putting the “sec” in DevSecOps: An overall reduction of risk
In this Help Net Security interview, Cindy Blake, Senior Security Evangelist at GitLab, talks about the importance of integrating security in DevSecOps and how to overcome the …

Securing open-source code supply chains may help prevent the next big cyberattack
The headline-making supply chain attack on SolarWinds late last year sent a shock wave through the security community and had many CISOs and security leaders asking: “Is my …

What is wrong with developer security training?
“Turn a developer into a hacker” is a commonly heard call. There are many online courses and trainings that ostensibly teach developers how to write code that’s …

Increasing speed of vulnerability scans ultimately increases security fixes overall
Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their …

The destructive power of supply chain attacks and how to secure your code
In this Help Net Security podcast, Tomislav Peričin, Chief Software Architect at ReversingLabs, explains the latest and most destructive supply chain attacks, their techniques …

Most third-party libraries are never updated after being included in a codebase
79% of the time, third-party libraries are never updated by developers after being included in a codebase – despite the fact that more than two thirds of fixes …

Data teams are discovering the benefits of automation and flexible coding
Ascend.io announced results from its research study about the work capacity and priorities of data teams, including data analysts, data scientists, data engineers, and …

Enhancing cyber resilience: What your team needs to know
In the wake of malicious attacks, we often witness everyone focusing on searching for those responsible, as opposed to how or why the attack took place and the most critical …

A leadership guide for mitigating security risks with low code platforms
The low code market continues to grow, increasingly finding adoption for more diverse and serious applications among enterprises and independent software vendors (ISVs). The …

The basics of security code review
With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To …