OWASP adds unprotected APIs, insufficient attack protection to Top Ten 2017 release

The Open Web Application Security Project (OWASP) released its Top 10 2017 project for public comment. This is the 14th year OWASP is raising awareness of security risks with its list, and it contains two major vulnerability updates, example attack scenarios, and a list of free and open resources for security-conscious developers. When Jeff Williams, OWASP … continue reading

Report: 111 billion lines of code will have to be secured this year

As new pieces of software are being written every day, the threat of malicious hacking continues to grow. According to a new report, there will be about 111 billion lines of new software code created this year, and with them will come billions of software vulnerabilities. “Applications have become inviting targets for malicious actors, but … continue reading

Report: Application security continues to be a problem

Despite the importance of software security and the advancements made to protect applications, developers are still having a hard time developing secure solutions. A new study from Veracode shows while developers’ top concerns are cyberattacks and data breaches, security testing imposes a risk to their development and deadlines. “Development teams face an onslaught of challenges … continue reading

HPE Security Fortify report finds application security is lacking in DevOps processes

The adoption of DevOps is transforming how companies deliver software, but this shift toward agility and Continuous Delivery is exposing some gaps that persist in application security. A majority of security teams and developers agree that adopting DevOps into their culture can improve application security, but only a small portion of them actually do application … continue reading

Veracode announces Developer Sandbox, Appvance UTP ships for enterprise, and Twilio launches Sync—SD Times news digest: July 26, 2016

Veracode announced Developer Sandbox today, a new feature that allows developers and security risk teams to have more control over their application security processes. With this feature, developers can review security processes early in the development life cycle, and they have the ability to scan full applications or components as they write them. This allows … continue reading

HTML Snippets Powered By : XYZScripts.com