Software Security Guide

Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.

Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.

Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.

IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.

A guide to DevSecOps tools This article outlines DevSecOps tools, offering a guide to solve your development security challenges The hidden costs of data breaches The average cost of a data breach is $3.86 million globally. The study found the cost of data breaches on a business’ bottom line has been steadily increasing over the past five years. How your security budget helps hackers win When a single breach can cause untold damage to your business, from millions in losses to reputational damage, operational disruption, and lost trust, you want to align your security budget with the actual threats you face.

GitHub launches new lab to tackle open-source security

GitHub wants to help protect the open-source ecosystem with the announcement of the GitHub Security Lab. The lab is designed to bring together security researchers, maintainers and companies who are dedicated to open-source security.  In addition, the company will provide tools, resource bounties ,and hours of security research.  “We all share a collective responsibility to … continue reading

SD Times news digest: Brave 1.0, Testim’s new development kit for AI-based testing, and Snyk releases new container security solution

Brave launched its new browser designed to offer users a fast browsing experience, while funding the Web through a new attention-based platform of privacy-preserving advertisements and rewards. Brave’s private ads and payment platform (Brave Rewards) is now available for iPhones and iPads in addition to desktops and Android devices.  “Either we all accept the $330 … continue reading

London Underground platform that says mind the gap

Report: Cybersecurity workforce needs to grow 145% to fill skills gap

There is currently a skills gap in cybersecurity, and companies need to go a long way to fill that gap. According to a new study from (ISC)2, the cybersecurity workforce will need to grow 145% in order to close that gap. The 2019 (ISC)2 Cybersecurity Workforce Study estimates that the cybersecurity workforce is currently made … continue reading

SD Times news digest: Google open sources Cardboard, the Microsoft Cloud Adoption Framework, and Code42’s threat detection capabilities

Google open sourced its Cardboard project that lets developers create VR experiences across Android and iOS devices.  “We think that an open source model—with additional contributions from us—is the best way for developers to continue to build experiences for Cardboard,” Google wrote in a blog post. “We’ve already seen success with this approach with our … continue reading

Sumo Logic acquires JASK for cloud-native security

Continuous intelligence company Sumo Logic announced that it acquired JASK Labs, a provider of cloud-native autonomous security operations center (ASOC) software.  Sumo Logic plans to expand its cloud-native security intelligence solution to supersede legacy SIEM technology. Ninety-three percent of security professionals think traditional SIEM solutions are ineffective for the cloud, according to the company. The … continue reading

Veracode finds DevSecOps teams are a key component to reducing security debt

Software security company Veracode has revealed that organizations should use DevSecOps as a way to reduce security debt. Similar to technical debt, security debt occurs when flaws age and accumulate without getting fixed. In their 10th annual State of Software Security (SOSS) report, the company revealed that many of the flaws discovered 10 years ago … continue reading

Report: JavaScript becomes most in-demand developer technology

JavaScript is rising the ranks as the most in-demand developer technology. Pluralsight Technologies released its Technology Index, and found JavaScript to be at the top. Last year when the company released the index in April, JavaScript scored at number four.  Following JavaScript as the most in-demand technologies are Java, HTML, Python, C++, Android, C, C#, … continue reading

Gartner’s top 10 technology trends for 2020

Gartner revealed its top 10 strategic technology trends for the next year at its IT Symposium/Xpo 2019 conference in Orlando.  According to the company, a strategic technology trend is one that has the potential to disrupt the industry and break out into broader impact and use.  Unlike last year’s trends, this year’s trend does not … continue reading

Top considerations for DevSecOps to reduce security risk

To understand an enterprise’s current state of software security risk, executives, security practitioners and development teams need information. Benchmarks provide useful information on performance and risk. However, ideas about which benchmarks are most important will differ depending upon the corporate stakeholder to whom you’re speaking. For example, a business decision-maker has to justify the expense … continue reading

Cybersecurity Awareness Month highlights growing problem

National Cybersecurity Awareness Month is observed every October as a way to raise awareness about the importance of cybersecurity, but despite the efforts to provide a safer and more secure Internet — problems still remain.  In 1998, a group of computer hackers went in front of the Senate to warn them about cyber security. The … continue reading

Facebook and top law enforcement officials battle over end-to-end encryption

Top law enforcement officials are urging Facebook to stop its privacy initiative. In an open letter to Facebook, government officials from the United States, United Kingdom and Australia told Facebook it should not proceed with its plans without “including a means for lawful access to the content of communications to protect our citizens.” It also … continue reading

Report: Shifting left does not solve security problems

The rise of DevSecOps has stressed the importance of shifting security left in order to provide better protection. A recently released report, though, found shifting left isn’t enough. In order for security to be viewed as more than just an extra step, it needs to be built into the entire life cycle. Puppet, CircleCI and … continue reading

1 2 3 40
© 2019 D2 Emerge LLC.
HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!