DevSecOps
Container security requires continuous security in new DevSecOps models
When Jordan Liggitt at Google posted details of a serious Kubernetes vulnerability in November 2018, it was a wake-up call for security teams ignoring the risks that came with …
Microsoft Application Inspector: Check open source components for unwanted features
Want to know what’s in an open source software component before you use it? Microsoft Application Inspector will tell you what it does and spots potentially unwanted …
Embedding security, the right way
As organizations proceed to move their processes from the physical world into the digital, their risk profile changes, too – and this is not a time to take risks. By not …
Developers worry about security, still half of teams lack an expert
While nearly 75% of developers worry about the security of their applications and 85% rank security as very important in the coding and development process, nearly half of …
Chance that flaws will ever be dealt with diminishes the longer they stick around
More than half of all security findings (56%) are fixed, but a focus on fixing new findings while neglecting aging flaws leads to increasing security debt, according to …
DevSecOps role expansion has changed how companies address their security posture
While organizations shift their applications to microservices environments, the responsibility for securing these environments shifts as well, Radware reveals. The rapid …
DevSecOps is emerging as the main methodology for securing cloud-native applications
Only 8 percent of companies are securing 75 percent or more of their cloud-native applications with DevSecOps practices today, with that number jumping to 68 percent of …
The rise of modern applications, DevSecOps and the intelligence economy
There has been a significant year-over-year growth in enterprise usage trends around multi-cloud adoption, open source technologies such as Kubernetes, and AWS cloud-native …
Organizations that scan applications in production have a reduced risk of being breached
Despite a significantly increased focus on application security testing, remediation rates for vulnerabilities continue to shrink, according to WhiteHat Security. Setu …
Six critical areas to focus on when integrating DevSecOps into an organization
The omnipresence of consumer electronics and computer power, alongside modern trends (i.e., DevOps, microservices, and open source) that accelerate deployment cycles continue …
Many companies don’t know the depth of their IoT-related risk exposure
In the digital age, cyber is everywhere. Cyber risk now permeates nearly every aspect of how we live and work. Organizations should better understand how to manage the risks …
Over 80% of network teams play a role in security efforts
More than 4 in 5 IT teams are involved in security efforts, and a majority of them report an increase of at least 25 percent in time spent on these efforts over the past 12 …