The DevOps community is struggling with bringing security into the organization and across the software development life cycle (SDLC). However, new research from Sonatype reveals that while companies continue to face breaches, mature development organizations finally realize how critical it is to weave automated security early in the SDLC. Sonatype, a software automation and security … continue reading
Google is taking reCAPTCHA one step further by making it invisible. Now, human users will be let through without seeing the “I’m not a robot” checkbox, and bot and suspicious users will have to solve challenges that use Google’s risk analysis algorithms. The advantage of reCAPTCHA is its enhanced security, according to Google. It’s a … continue reading
Google has put work into running its millions of lines of Python code, and those efforts have now turned into Grumpy: a new experimental Python runtime for Go. Grumpy translates Python code into Go programs, and it supports Google’s Python codebase. It is meant to be a drop-in replacement runtime for pure Python projects, according … continue reading
Yahoo has been hacked, again. The company Wednesday disclosed that a newly discovered data breach had exposed the private information of more than one billion Yahoo users. It is believed that this breach is separate from the breach disclosed this September, where 500 million accounts were jeopardized. Regardless, the news means Yahoo has been the … continue reading
It’s the holiday season, and retailers are watching their online sales climb. Business may be booming for these companies, but shoppers beware: 100% of these retailers have issues with domain security, according to SecurityScorecard’s “2016 Biggest Holiday Retailers Cybersecurity Report.” When it comes to cybersecurity, retailers have a lot to worry about, especially since these … continue reading
The Application Developers Alliance has conducted a story on Android device customization and consumer choices, and they found that apps tend not to be exclusively used, and almost all Android users customize their phone and their home screen. The report also found that most Android users prefer their new devices to come with apps “ready … continue reading
After discovering malicious users that were using open-source projects to participate in dangerous activities like bitcoin mining, SourceClear created a free project to help the community discover suspicious builds before they become an issue. SourceClear, which is dedicated to helping developers use open-source software safely, has spent the last 18 months trying to dig deep … continue reading
The holidays are a time for shoppers to reap the benefit of online deals—and for hackers to leverage software vulnerabilities in retail systems and applications. In order to prepare for this year, IT monitoring experts suggested developers and operations teams incorporate adequate security testing as part of their holiday preparedness checklist. The biggest mistake organizations … continue reading
Veracode today released its findings from its annual State of Software Security Report, which revealed that the persistent use of components in software development is creating unmanaged risk. The report also found that companies can benefit if they accelerate their application security programs. Veracode found that a single popular component with a critical vulnerability spread … continue reading
Cloudflare has published information about recent attacks it has seen against its system, and these attacks highlight new DDoS trends where hackers are able to bring down more web application servers at a time. According to a blog post written by Cloudflare’s Marek Majkowski, these new attacks appear to come from the Mirai botnet, which … continue reading
After a recent investigation surfaced regarding Yahoo’s network hack that resulted in at least 500 million user accounts being stolen, Yahoo released a statement on its Tumblr to discuss what actions it’s taking to protect its users. To start, Bob Lord, chief information security officer of Yahoo, wrote in an e-mail that the company is … continue reading
Red Hat made a few updates to its container application platform offerings to bring operations teams and application managers automation at scale. Red Hat’s OpenShift Container Platform 3.3 is now available, enhancing enterprise scalability and increasing speed and workflow automation. It also enables users to deploy their modern applications over multiple infrastructures. With new delivery … continue reading