Black Duck audit highlights risk of open-source security vulnerabilities

Black Duck, a company that serves up information about the latest security vulnerabilities on open source components, released its 2017 Open Source Security and Risk Analysis (OSSRA) today. The OSSRA revealed significant risks related to open-source vulnerabilities and license-compliance challenges, as well as high levels of risk in the retail and ecommerce industry. According to … continue reading

OWASP adds unprotected APIs, insufficient attack protection to Top Ten 2017 release

The Open Web Application Security Project (OWASP) released its Top 10 2017 project for public comment. This is the 14th year OWASP is raising awareness of security risks with its list, and it contains two major vulnerability updates, example attack scenarios, and a list of free and open resources for security-conscious developers. When Jeff Williams, OWASP … continue reading

man on a computer

Free learning resources and tools for security savvy developers

Developers will never be responsible for all of security in an organization, but if they keep up with best practices, resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient software. Today, most firms have a software security group (or SSG) or a product security … continue reading

Apple iOS 10.3: APFS implementation, developer improvements, and security updates

Apple has announced iOS 10.3 with the highly requested “Find my AirPods” feature, new Apple File System (APFS) implementation, and a number of developer improvements. Other enhancements include bug fixes and touch ID authentication for its Numbers, Pages, and Keynote productivity apps. The latest version of the mobile operating system went through seven beta versions … continue reading

Security Playbook 2017: How to improve practices this year

From LinkedIn to Yahoo, companies fell into the hands of hackers and identity thieves in 2016. Each year, companies seem to make the same security resolutions, only to face roadblocks like skill shortages, time constraints and budget issues, which prevent them from implementing good security practices. Experts recommended companies consider the following trends and predictions … continue reading

PyCharm 2017.1, MicroStrategy 10.7, Next.js 2.0, and Ubuntu 17.04 final beta released — SD Times news digest: March 27, 2017

PyCharm 2017.1 released JetBrains’ announced an update to its Python IDE, PyCharm. PyCharm 2017.1 features a faster debugger, enhanced Python and JavaScript unit testing as well as support for the six compatibility library. With its improved Python unit test runners, developers can now run any test configurations with the IDE. The JavaScript unit testing has … continue reading

Intel announces new AI effort, CoreOS extends CoreOS Tectonic, and OpenSSL launches new site — SD Times news digest: March 24, 2017

Intel is beginning to square in on AI with the announcement of a single cross-Intel organization: The Artificial Intelligence Products Group (AIPG). According to the company, AIPG strengthens its focus on AI, and will include engineering, labs, software and resources as it continues to work on its AI portfolio: The Intel Nervana platform. In addition, … continue reading

How to keep kids safe from unsecure IoT devices and toys

The world of Internet-connected devices targeted at children is a magical one. Toy dinosaurs can learn and communicate with a growing child, teddy bears can transmit messages overseas to military parents, and talking dolls can communicate with children via speech recognition software. But this connectedness comes with a price. Recent hacks on IoT toys are … continue reading

Distill machine learning journal

OpenAI launches Distill, PyPy dual release, and Red Hat Enterprise Linux 6.9 GA — SD Times news digest: March 21, 2017

There’s a new kind of journal aimed at communication of machine learning results, and OpenAI is supporting its launch. Distill is a website and a set of tools that makes it easier for people to explain machine learning concepts, according to an OpenAI blog. OpenAI research scientist Andrej Karpathy will serve on the steering committee … continue reading

Report: Organizations embracing DevSecOps automation

The DevOps community is struggling with bringing security into the organization and across the software development life cycle (SDLC). However, new research from Sonatype reveals that while companies continue to face breaches, mature development organizations finally realize how critical it is to weave automated security early in the SDLC. Sonatype, a software automation and security … continue reading

Facebook’s Create React Native App, Google’s Android fraud botnet Chamois, and Intel Clear Containers updates to v2.1.1—SD Times news digest: March 14, 2017

Facebook announced the Create React Native App for React Native. Create React is a new tool that makes it easier to get started with a React Native project. It’s inspired by the design of the Create React App, and is the result of a collaboration between Facebook and Expo. With this tool, developers can develop … continue reading

Google introduces invisible reCAPTCHA, beta launch of Cloud Functions for Firebase, and Kaggle joins Google Cloud—SD Times news digest: March 10, 2017

Google is taking reCAPTCHA one step further by making it invisible. Now, human users will be let through without seeing the “I’m not a robot” checkbox, and bot and suspicious users will have to solve challenges that use Google’s risk analysis algorithms. The advantage of reCAPTCHA is its enhanced security, according to Google. It’s a … continue reading

Next Page »
HTML Snippets Powered By : XYZScripts.com