OSV-Scanner: A free vulnerability scanner for open-source software
After releasing the Open Source Vulnerabilities database (OSV.dev) in February, Google has launched the OSV-Scanner, a free command line vulnerability scanner that open source …
software development
How to improve secure coding education
Did you know that not one of the top 50 undergraduate computer science programs in the U.S. requires a course in code or application security for majors? Yet the threatscape …
Critical vulnerability in Spotify’s Backstage discovered, patched
A critical unauthenticated remote code execution vulnerability in Spotify’s Backstage project has been found and fixed, and developers are advised to take immediate action in …
Following Log4j: Supporting the developer community to secure IT
How bad was the Log4j vulnerability for open source’s reputation? One of the most high-profile exploits in recent years, it even led to a government advisory from the UK’s …
What developers want and how to keep them on your team
OutSystems released a new developer jobs report identifying the factors that motivate them to stay with their companies and the frustrations that drive them away. The report, …
Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, …
How can organizations benefit from full-stack observability?
New Relic published the 2022 Observability Forecast report, which captures insights into the current state of observability, its growth potential, and the benefits of …
Developers are struggling to keep up with ongoing security activities
Security Compass has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their …
Backlogs larger than 100K+ vulnerabilities but too time-consuming to address
Rezilion and Ponemon Institute announced the release of “The State of Vulnerability Management in DevSecOps,” which reveals that organizations are losing thousands of hours in …
What’s challenging development teams amid their race to the cloud?
Couchbase announced findings from industry research examining the challenges faced by development teams amid the race to the cloud and to execute on digital transformation …
Development of secure software now an imperative for global DevOps teams
GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and …
How automation can solve application development challenges
Security Compass has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their …