Please turn on your JavaScript for this page to function normally.
Java
How to manage the intersection of Java, security and DevOps at a low complexity cost

In this Help Net Security video, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become for …

Log4j
How to address the ongoing risk of Log4j exploitation and prepare for the future

“Vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer,” the Cyber Safety Review Board (CSRB) has concluded. …

lock
Applying Shift Left principles to third party risk management

In this Help Net Security video, Etai Hochman, CTO at Mirato, talks about applying Shift Left, a concept that originated with developers to find and prevent defects early in …

Magnify
Barely one-third of IT pros can vet code for tampering

Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …

person
How do DevSecOps professionals feel about security becoming an around the clock job?

As breaches continue to rise, cybersecurity and development professionals are feeling the pressure to maintain their organizations’ security postures. Invicti Security …

mask
US warns of North Korean hackers posing as IT freelancers

Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the US Department of …

DevSecOps
How to make DevSecOps a reality

Every AppSec leader recognizes and admits that software development is accelerating, and there’s no way their current approach is going to keep up. It is much better to …

cloud
Are businesses ready to implement cloud-native development?

OutSystems released findings from a global survey of IT leaders and developers gauging the benefits and challenges of cloud-native development, with results highlighting stark …

Kubernetes
Principles for Kubernetes security and good hygiene

Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations are required to make it less vulnerable. What’s …

open source
Challenges development teams face when building applications with open source

Tidelift released a report providing critical insights into the state and practice of open source software supply chain management. This comprehensive study of nearly 700 …

open source
81% of codebases contain known open source vulnerabilities

Synopsys released a report which examines the results of more than 2,400 audits of commercial and proprietary codebases from merger and acquisition transactions, and …

code
86% of developers don’t prioritize application security

Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers …

Don't miss

Cybersecurity news