Tech sector job interviews test performance anxiety rather than competence at coding
A study from North Carolina State University and Microsoft finds that the technical interviews currently used in hiring for many software engineering positions test whether a …
A Boxcryptor audit shows no critical weaknesses in the software
More and more companies, self-employed and private customers are using Boxcryptor to protect sensitive data – primarily in the cloud. Boxcryptor ensures that nobody but …
How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
Technologies in all layers of the cloud stack are at risk
As breaches and hacks continue, and new vulnerabilities are uncovered, secure coding is being recognized as an increasingly important security concept — and not just for …
Eye-opening statistics about open source security, license compliance, and code quality risk
99% of commercial codebases contain at least one open source component, with open source comprising 70% of the code overall, according to Synopsys. Open source components and …
Automate manual security, risk, and compliance processes in software development
The future of business relies on being digital – but all software deployed needs to be secure and protect privacy. Yet, responsible cybersecurity gets in the way of what any …
Code dependency mapping’s role in securing enterprise software
Enterprise software is only as good as its security. Today, a data breach costs $3.92 million on average. Organizations are expected to spend $124 billion on security in 2019 …
Cybercriminals plan to make L7 routers serve card stealing code
One of the Magecart cybercriminal groups is testing a new method for grabbing users’ credit card info: malicious skimming code that can be loaded into files used by L7 …
Malicious Python packages found on PyPI
Researchers have uncovered another batch of malicious Python libraries hosted on Python Package Index (PyPI). The malicious packages PyPI is the official third-party software …
Mozilla will block Firefox add-ons that contain obfuscated code
Mozilla has announced that, starting from June 10, Firefox add-ons containing obfuscated code will no longer be allowed on its Add-ons portal and will be blocked. “We …
The percentage of open source code in proprietary apps is rising
The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging …
Build security into software up front: Believe it or not, it’s cheaper and faster
“You can pay me now, or you can pay me later” was the tagline of a 1981 ad promoting oil filters. Seems simple, but the implied message was much stronger: It wasn’t about …