Framing supply chain attacks
The increase in the demand for innovative software has effectively reshaped the software development industry itself. Today, speed and agility are paramount and development …
programming
Building security into cloud native apps with NGINX
Companies like Airbnb, Uber and DoorDash, which have a cloud-based software infrastructure as one of their main enablers, are disrupting the hospitality, transportation and …
Popular coding advice doesn’t necessarily equal secure coding advice
Stack Overflow is a hugely popular online forum/Q&A site that many programmers and software developers use to find answers to particular programming problems. …
How students learn to code, evaluate job opportunities
New data from HackerRank reveals the technical skills, learning preferences and career motivators of collegiate software engineers. The findings provide a playbook for …
Countering threats: Steps to take when developing APIs
High profile data breaches resulting from faulty APIs continue to make headlines. In the last few months alone, T-Mobile’s data breach resulted in hackers stealing personal …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …
Secure your open source components automatically, continuously, and silently
In this podcast recorded at Black Hat USA 2018, Azi Cohen, General Manager at WhiteSource, talks about open source lifecycle management. WhiteSource manages open source …
GitHub adds Python support for security alerts
GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also …
George Gerchow, CSO at Sumo Logic: Our DevSecOps strategy
Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, their purpose-built, cloud-native service analyzes more than 100 …
Four common API vulnerabilities and how to prevent them
Proper security measures are one of the most important aspects of building an application programming interface, or API. It’s great for an API to connect systems and give …
IT ops and engineering are embracing automation to increase business agility
Based on a survey of nearly 700 engineering and operations individuals globally, a report by Indeni and GNS3 reveals a programming knowledge gap that is having an impact on …
Eavesdropper vulnerability exposes sensitive corporate communications data
Appthority published research on its discovery of the Eavesdropper vulnerability, caused by developers carelessly hard coding their credentials in mobile applications that use …