DevSecOps
DevOps didn’t kill WAF, because WAF will never truly die
The web application firewall (WAF) is dead, they say, and DevOps is the culprit, found over the body in the server room with a blade in its hand and splattered code on its …
Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools
As modern infrastructures get more complex everyday, DevOps teams have a hard time tracking infrastructure drift. The multiplicity of factors involved when running …
Digital business requires a security-first mindset
Security is an undeniable necessity for the survival and success of any company. COVID-19 accelerated digital transformation initiatives across all industries and this shift …
The influence of the Agile Manifesto, 20 years on
On 11th February 2001, many software delivery thought leaders came together in Snowbird, Utah, to discuss how to create processes that can enable enterprises to continuously …
Tips for boosting the “Sec” part of DevSecOps
The most significant barrier to achieving DevSecOps is the continued perception that “Sec” is not already a part of “Dev” and “Ops”, says James Arlen, CISO at cloud data …
Retail and hospitality sector fixing software flaws at a faster rate than others
The retail and hospitality sector is fixing software flaws at a faster rate than five other sectors, a Veracode analysis of more than 130,000 applications reveals. The ability …
Enterprises move on from legacy approaches to software development
Application development and maintenance services in the U.S. are evolving to meet changing demands from enterprises that need dynamic applications with rich user interfaces, …
SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …
How to make DevSecOps stick with developers
While DevOps culture has brought innovation to the industry and transformed the way software is developed, it’s arguably an outdated concept. The truth is that DevOps has …
Six cryptographic trends we’ll see next year
2020 was a “transformative” year, a year of adaptability and tackling new challenges. As we worked with organizations to deploy mission-critical data security, cryptography …
76% of applications have at least one security flaw
The majority of applications contain at least one security flaw and fixing those flaws typically takes months, a Veracode report reveals. This year’s analysis of 130,000 …
GitHub envisions a world with fewer software vulnerabilities
After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM