DevSecOps
Organizations knowingly ship vulnerable code despite using AppSec tools
Nearly half of organizations regularly and knowingly ship vulnerable code despite using AppSec tools, according to Veracode. Among the top reasons cited for pushing vulnerable …
Misconfigured cloud storage services are commonplace in 93% of deployments
Cloud breaches will likely increase in velocity and scale, and highlights steps that can be taken to mitigate them, according to Accurics. “While the adoption of cloud native …
How to secure software in a DevOps world
The COVID-19 pandemic and its impact on the world has made a growing number of people realize how many of our everyday activities depend on software. We increasingly work, …
Why DevSecOps remains a mirage
Despite the rhetoric around DevSecOps, security remains an afterthought when organizations are building software. Meanwhile, the latest Verizon threat report identified that …
Factors driving API growth in industry
This is third in a series of articles that introduces and explains application programming interfaces (API) security threats, challenges, and solutions for participants in …
With increased DevOps adoption, roles in software development teams are changing
Roles across software development teams have changed as more teams adopt DevOps, according to GitLab. The survey of over 3,650 respondents from 21 countries worldwide found …
Technologies in all layers of the cloud stack are at risk
As breaches and hacks continue, and new vulnerabilities are uncovered, secure coding is being recognized as an increasingly important security concept — and not just for …
Keeping your app’s secrets secret
The software development process has vastly changed in this past decade. Thanks to the relentless efforts of the cloud and virtualization technology providers, we now have …
Container security requires continuous security in new DevSecOps models
When Jordan Liggitt at Google posted details of a serious Kubernetes vulnerability in November 2018, it was a wake-up call for security teams ignoring the risks that came with …
Microsoft Application Inspector: Check open source components for unwanted features
Want to know what’s in an open source software component before you use it? Microsoft Application Inspector will tell you what it does and spots potentially unwanted …
Embedding security, the right way
As organizations proceed to move their processes from the physical world into the digital, their risk profile changes, too – and this is not a time to take risks. By not …
Developers worry about security, still half of teams lack an expert
While nearly 75% of developers worry about the security of their applications and 85% rank security as very important in the coding and development process, nearly half of …
Featured news
Resources
Don't miss
- Your dependencies are 278 days out of date and your pipelines aren’t protected
- Security debt is becoming a governance issue for CISOs
- BlacksmithAI: Open-source AI-powered penetration testing framework
- When cyber threats start thinking for themselves
- IronCurtain: An open-source, safeguard layer for autonomous AI assistants