software development
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to …
Is security becoming a priority for DevOps teams?
GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and …
API security incidents occur at least once a month
Postman released the results of its 2022 State of the API Report, which surveyed more than 37,000 developers and API professionals on a range of topics, including their …
What is challenging successful DevSecOps adoption?
Mezmo published an ESG report which provides insights on DevSecOps adoption, its benefits, and the challenges with implementation. According to the study, only 22% of …
How to manage the intersection of Java, security and DevOps at a low complexity cost
In this Help Net Security video, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become for …
How to address the ongoing risk of Log4j exploitation and prepare for the future
“Vulnerable instances of Log4j will remain in systems for many years to come, perhaps a decade or longer,” the Cyber Safety Review Board (CSRB) has concluded. …
Applying Shift Left principles to third party risk management
In this Help Net Security video, Etai Hochman, CTO at Mirato, talks about applying Shift Left, a concept that originated with developers to find and prevent defects early in …
Barely one-third of IT pros can vet code for tampering
Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …
How do DevSecOps professionals feel about security becoming an around the clock job?
As breaches continue to rise, cybersecurity and development professionals are feeling the pressure to maintain their organizations’ security postures. Invicti Security …
US warns of North Korean hackers posing as IT freelancers
Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the US Department of …
How to make DevSecOps a reality
Every AppSec leader recognizes and admits that software development is accelerating, and there’s no way their current approach is going to keep up. It is much better to …
Are businesses ready to implement cloud-native development?
OutSystems released findings from a global survey of IT leaders and developers gauging the benefits and challenges of cloud-native development, with results highlighting stark …
Featured news
Resources
Don't miss
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)
- Exposure management is the answer to: “Am I working on the right things?”
- Cyberattacks are changing the game for major sports events
- Can your security stack handle AI that thinks for itself?
- July 2025 Patch Tuesday forecast: Take a break from the grind