software development

Building resilience through DevSecOps
DevSecOps, short for Development, Security, and Operations, is an approach that emphasizes the integration of security practices and principles into every stage of the …

API tools and services are fueling revenue growth
As more companies recognize APIs as the building blocks of modern software, API tools and services are evolving to meet their needs, according to Postman. Adopting an …

Microsoft, GitHub announce application security testing tools for Azure DevOps
GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services. Enabling GitHub …

Never leak secrets to your GitHub repositories again
GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public …

Google delivers secure open source software packages
Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …

Developers can make a great extension of your security team
Developers care about the quality and security of their code, and when empowered to help, developers make great security advocates who can help harden your supply chain …

The dangers of unsupported applications
Are ageing technologies and infrastructure threatening the security and productivity of your business? A recent investigation by the National Audit Office (NAO – UK’s …

Establishing secure habits for software development in 2023
As a new year commences, it’s not unusual for people to take the opportunity to adopt better practices and principles and embrace new ways of thinking in both their personal …

A closer look at malicious packages targeting Python developers
In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …

70% of apps contain at least one security flaw after 5 years in production
Veracode revealed data that could save organizations time and money by helping developers minimize the introduction and accumulation of security flaws in their software. Their …

OSV-Scanner: A free vulnerability scanner for open-source software
After releasing the Open Source Vulnerabilities database (OSV.dev) in February, Google has launched the OSV-Scanner, a free command line vulnerability scanner that open source …

How to improve secure coding education
Did you know that not one of the top 50 undergraduate computer science programs in the U.S. requires a course in code or application security for majors? Yet the threatscape …
Featured news
Resources
Don't miss
- Trojanized SonicWall NetExtender app exfiltrates VPN credentials
- High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
- Why work-life balance in cybersecurity must start with executive support
- Reconmap: Open-source vulnerability assessment, pentesting management platform
- Microsoft will start removing legacy drivers from Windows Update