Report: Majority of Java apps are susceptible to hack attacks

Java developers should be more aware of the open source software components they put in their applications if they want to avoid a security breach. A new report release by Veracode, a CA Technologies company, revealed 88% of Java apps include at least one vulnerable component, and about 53.3% of Java apps rely on a … continue reading

GitHub Universe outlines plans for the future of software development

About ten years ago, GitHub embarked on a journey to create a platform that brought together the world’s largest developer community. Now that the company believes it has reached its initial goals, it is looking to the future with plans to expand the ecosystem and transform the way developers code through new tools and data. … continue reading

ShiftLeft releases Security as a Service solution for cloud and microservices

A new company is exiting stealth mode today with a mission to help organizations protect their cloud and microservices applications. ShiftLeft is an application-specific cloud security provider designed to secure cloud apps as part of the continuous integration pipeline rather than tackling threats as they are discovered in production. According to the company, while the … continue reading

Microsoft releases automated root cause analysis tool

Microsoft is giving engineers and developers a way to combat memory corruption issues with the release of VulnScan. VulnScan was created by the Microsoft Security Response Center after receiving a number reports about potential product vulnerabilities. “In practice, a significant proportion of these reports turn out to be memory corruption issues.  In order to root … continue reading

Building application security in from start to finish

Building end-to-end security into the software development process from the requirements phase through code delivery to production, is easier said than done. Often companies only run a few security tests and activities. That’s no longer good enough. In today’s environment it’s necessary to use multiple techniques to scour the entire software development lifecycle (SDLC) from … continue reading

ActiveState’s ActiveRuby beta release, the Windows Bounty Program, and AnchorFree’s net neutrality SDK — SD Times news digest: July 27, 2017

Just weeks after releasing its commercial Go programming language distribution, ActiveState is taking on a new language. The company announced the beta release of ActiveRuby, its commercially supported Ruby distribution. ActiveRuby is based on Ruby 2.3.4, and provides easy installation, and features for the development and deployment of Ruby apps. “For enterprises looking to accelerate … continue reading

Black Hat USA 2017: Machine learning is not a silver bullet for security

Machine learning brings new opportunities in the software security realm by offering new ways to handle data, detect malware and improve solutions. However, the problem with machine learning today is that it can be marketed as a silver bullet to catch all things in the security industry, when in reality the technology still has many … continue reading

Microsoft announces the Microsoft Security Risk Detection tool

Microsoft is releasing a new tool that uses artificial intelligence to find and detect software bugs. The Microsoft Security Risk Detection tool, previously known as Project Springboard, will be available by the end of the summer. “The tool is designed to catch the vulnerabilities before the software goes out the door, saving companies the heartache … continue reading

Apollo Server 1.0, GitHub’s Internet Bug Bounty donation, and the Google Cloud Platform — SD Times news digest: July 21, 2017

A new GraphQL server is now available for all Node.js frameworks. Apollo Server is a open-source GraphQL server that is community-maintained and works across: Express, Connect, Hapi, Joa, AWS Lambda, Restify and Micro. The Apollo team announced version 1.0 of the server this week. It is built for the community, for simplicity and for performance. … continue reading

Distil introduces API security solution to defend against bots

Distil Networks is protecting the web from malicious bots with its newly announced Bot Defense for API solution. Bot Defense is designed to prevent malicious bots from accessing the API servers powering public-facing websites and mobile apps. “While usage of APIs to drive web and mobile apps is exploding, the security of those APIs remains … continue reading

DevOps is failing these three tenets of privacy compliance

If you’re like many organizations with data security concerns, you probably believe your automated tests are sufficient to catch any potential security or privacy vulnerabilities. The scenario is familiar: You’re streaming data from multiple sources into your SEIM systems, and you’ve configured triggers for the reporting process. You keep a close eye on results from … continue reading

Five best practices to keep containerized infrastructure safe and secure

Software containers are indisputably on the rise. Developers looking to build more efficient applications and quickly bring them to market love the flexibility that containers provide when building cloud-native applications. Enterprises also benefit from productivity gains and cost reductions, thanks to the improved resource utilization containers provide. Some criticize containers as being less secure than … continue reading

Next Page »
HTML Snippets Powered By : XYZScripts.com