Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.
Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.
Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.
IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.
Wind River unveiled its latest offering, the Wind River Studio Linux Security Scanning Service. This service, designed specifically for embedded Linux development, offers high-quality scanning capabilities to detect and identify Common Vulnerabilities and Exposures (CVEs) and is currently accessible to users free of charge. The new service goes beyond detection and also provides information on … continue reading
OpenAI announced that it is launching the Cybersecurity Grant Program, which is a $1 million initiative to boost and quantify AI-powered cybersecurity capabilities and to foster high-level AI and cybersecurity discourse. The company aims to collaborate with security professionals worldwide in order to shift the balance of power in cybersecurity. Their strategy involves leveraging AI … continue reading
Red Hat Service Interconnect, which can simplify application connectivity and security across platforms, clusters, and clouds, is now generally available after being announced at Red Hat Summit. The solution is based on the open-source project Skupper.io, which enables secure communication across Kubernetes clusters with no VPNs or special firewall rules. According to Red Hat, application … continue reading
InfluxDB announced expanded time series capabilities across its product portfolio with the release of InfluxDB 3.0, the company’s rebuilt database and storage engine for time series analytics. “InfluxDB 3.0 is a major milestone for InfluxData, developed with cutting-edge technologies focused on scale and performance to deliver the future of time series,” said Evan Kaplan, CEO … continue reading
GitLab announced that it has been expanding support for Code Suggestions, has added a new level of visibility with Value Stream Dashboard, and has added a new and improved license compliance scanner along with license approval policies. The company’s aim behind the improvements is to help fill the skills gap since security engineers are outnumbered … continue reading
Application security testing company GrammaTech and AppSecOps company ArmorCode have announced a technology integration partnership geared at helping users automate product security across development, testing, feedback, and deployment. With the GrammaTech CodeSonar static application security testing (SAST) platform, ArmorCode users gain improved safety and security vulnerability intelligence for integrating application security capabilities into CI/CD pipelines. … continue reading
In today’s digital age, ensuring secure authentication at your organization is more crucial than ever. With the increasing prevalence of cyber attacks, data breaches, and identity theft, it is imperative for businesses to implement robust security measures to protect their sensitive information and assets. Passwords are still the leading cause of security breaches, and we’ll … continue reading
Tython is an open-source Security as Code framework and SDK that is geared towards building security design patterns as-code. It takes an architectural approach to cloud security, supports the user’s choice of programming language, and removes vendor lock-in. With Tython, customers can design reusable security references architectures as-code with pre-built blueprints so that they don’t … continue reading
The newly launched CodeWhisperer is a tool that uses AI-generated suggestions to help developers maintain their focus and stay productive by allowing them to write code quickly and securely without disrupting their workflow by leaving their IDE to look up information. The tool is especially useful for creating code for routine and time-consuming tasks, and … continue reading
Melissa, provider of data quality; identity verification; and address management solutions, recently advised expanding negative news screening operations, also known as adverse media screening (AMS), to businesses and individuals being onboarded to financial organizations. The company stated that AMS has become increasingly more important in customer due diligence operations, where organizations are required to perform … continue reading
Google announced a new data deletion policy to provide users with more transparency and authority when it comes to managing their in-app data. Developers will soon be required to include an option in their apps for users to initiate the process of deleting their account and associated data both within the app and online on … continue reading
Cybersecurity costs companies billions of dollars a year, with that cost expected to be in trillions by 2025, according to some cybersecurity research firms. Consider the Marriott hotels’ leak of 500 million customer records for which Marriott took a $126 million charge; and Equifax, an American credit reporting agency, spent 1.4 billion dollars on cleanup … continue reading