DevSecOps Archives - Help Net Security

DevSecOps

Retail and hospitality sector fixing software flaws at a faster rate than others

January 22, 2021

The retail and hospitality sector is fixing software flaws at a faster rate than five other sectors, a Veracode analysis of more than 130,000 applications reveals. The ability …

Enterprises move on from legacy approaches to software development

January 18, 2021

Application development and maintenance services in the U.S. are evolving to meet changing demands from enterprises that need dynamic applications with rich user interfaces, …

SQL injection: The bug that seemingly can’t be squashed

January 11, 2021

If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …

How to make DevSecOps stick with developers

December 14, 2020

While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept. The truth is that DevOps has …

Six cryptographic trends we’ll see next year

December 7, 2020

2020 was a “transformative” year, a year of adaptability and tackling new challenges. As we worked with organizations to deploy mission-critical data security, cryptography …

76% of applications have at least one security flaw

October 28, 2020

The majority of applications contain at least one security flaw and fixing those flaws typically takes months, a Veracode report reveals. This year’s analysis of 130,000 …

GitHub envisions a world with fewer software vulnerabilities

October 13, 2020

After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …

Few security pros believe their organizations have reached full DevSecOps maturity

October 1, 2020

20% of security professionals described their organizations’ DevSecOps practices as “mature”, while 62% said they are improving practices and 18% as “immature”, a WhiteSource …

Essential features of security automation for the AWS platform

September 2, 2020

DevSecOps tactics and tools are dramatically changing the way organizations bring their applications to fruition. Having a mindset that security must be incorporated into …

Organizations knowingly ship vulnerable code despite using AppSec tools

August 12, 2020

Nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools, according to Veracode. Among the top reasons cited for pushing vulnerable …

Misconfigured cloud storage services are commonplace in 93% of deployments

August 6, 2020

Cloud breaches will likely increase in velocity and scale, and highlights steps that can be taken to mitigate them, according to Accurics. “While the adoption of cloud native …

How to secure software in a DevOps world

June 22, 2020

The COVID-19 pandemic and its impact on the world has made a growing number of people realize how many of our everyday activities depend on software. We increasingly work, …