The growing threat to CI/CD pipelines
Before the pandemic, most modern organizations had recognized the need to innovate to support developers’ evolving workflows. Today, rapid digitalization has placed a …
software development
70% of organizations recognize the importance of secure coding practices
A research from Secure Code Warrior has revealed an attitudinal shift in the software development industry, with organizations bucking traditional practices for DevOps and …
iOS app developers targeted with trojanized Xcode project
“We recently became aware of a trojanized Xcode project in the wild targeting iOS developers thanks to a tip from an anonymous researcher. The malicious project is a …
With data volumes and velocity multiplying, how do you choose the right data security solution?
There is no doubt that the COVID-19 pandemic has caused radical changes in our personal and working lives. The sudden and massive surge of employees working from home and the …
Tips for boosting the “Sec” part of DevSecOps
The most significant barrier to achieving DevSecOps is the continued perception that “Sec” is not already a part of “Dev” and “Ops”, says James Arlen, CISO at cloud data …
API adoption is on the rise across all industries
Developer reliance on APIs increased over the past year amidst the global pandemic and will continue to increase in 2021, a RapidAPI survey reveals. Organizations of all sizes …
Retail and hospitality sector fixing software flaws at a faster rate than others
The retail and hospitality sector is fixing software flaws at a faster rate than five other sectors, a Veracode analysis of more than 130,000 applications reveals. The ability …
Enterprises move on from legacy approaches to software development
Application development and maintenance services in the U.S. are evolving to meet changing demands from enterprises that need dynamic applications with rich user interfaces, …
Most containers are running as root, which increases runtime security risk
While container usage reveals organizations are shifting left by scanning images during the build phase, DevOps teams are still leaving their environments open to attack, …
SQL injection: The bug that seemingly can’t be squashed
If you’re in a hands-on cybersecurity role that requires some familiarity with code, chances are good that you’ve had to think about SQL injection over and over (and over) …
The fight to stymie adversarial machine learning is on
The use of machine learning (ML) technology is booming. This development is being driven by the many immediate gains that can be achieved using machine learning models in …
Review: Alice & Bob Learn Application Security
Tanya Janca, founder of We Hack Purple, an online learning academy, community and podcast that teaches how to create secure software, is also known as SheHacksPurple and is …
