Software Security Guide

Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.

Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.

Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.

IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.

 

SD Times news digest: Security Compass launches hands-on training lab, Capacitor Core plugin changes, and Apache weekly updates

Security Compass has announced a hands-on training lab for balanced development automation. The new interactive virtual lab offers training across multiple exploit scenarios to help developers understand common vulnerabilities and how to build secure software, the company explained.  The training lab can now be added to existing subscriptions for the Software Security Practitioner (SSP) Suites, … continue reading

SD Times news digest: Ionic Capacitor 3.0 beta released, GitHub Enterprise Server 3.0, and Accenture acquires Wolox

Ionic has announced the beta release of Ionic Capacitor 3.0. The new version of the cross-platform runtime includes improvements to community involvement, adaptability, first-class APIs, and developer experience and productivity. Ionic also added the Proposals repo to make it easier to plug in ideas into a project by creating proposals as well as gauge interest … continue reading

Microsoft on how open source and software development can improve in 2021

2020 was a big year for open source. Sixty million new repositories were created last year, and more than 56 million developers are now on GitHub, according to GitHub’s Octoverse report. This prompted Microsoft to lay out a few things developers can do to improve their engagement with open source moving forward. The first lesson … continue reading

SD Times news digest: Harness reaches $1.7 billion valuation, Dynatrace integrates with Snyk Intel data, and WhiteSource expands native support for IDEs

Software delivery platform Harness announced that it will use its recent $115 million in funding to grow its engineering team, support global expansion plans, and extend its intelligent software delivery platform vision. Harness provides an end-to-end platform for intelligent software delivery that implements machine learning to detect the quality of deployments.  “Our goal is to … continue reading

GCC front-end for Rust gets new funding for its development efforts

Open Source Security, Inc. has announced new funding for the GCC front-end for Rust project. The funding will go towards full-time and public development efforts.  GCC front-end for Rust is an open-source project designed to provide an alternative Rust compiler for GCC. “The origin of this project was a community effort several years ago where … continue reading

Analyst Watch: AppSec that doesn’t break the bank

Security testing is an essential part of application development. Issues that appear as security vulnerabilities are often a product of poor code development, and testing helps identify such vulnerabilities early on in the application development process. Yet, security testing can be expensive, and security leaders often find it difficult to justify its cost. Senior management … continue reading

SD Times news digest: F5 acquires Volterra to create Edge 2.0 for the enterprise, WinUI 3 preview 3 released, and Intel’s RealSense ID Facial Authentication

F5 has entered into a definitive agreement to acquire privately held Volterra, a universal edge-as-a-service platform provider, for approximately $440 million in cash. According to F5, it will incorporate Volterra’s technology platform to create its own edge platform built for enterprises and service providers that will focus on security and scalability.  “With Volterra, we advance … continue reading

SD Times news digest: Infragistics Ultimate 20.2 released, BMC new mainframe enhancement, GrammaTech awarded DARPA AIE program

Infragistics Ultimate 20.2 is a complete UX and UI solution that is compatible with Microsoft’s latest .NET 5 release.  According to the company, users can speed up their app creation by using the new Indigo.Design App Builder drag and drop tool.  Infragistics Ultimate 20.2 also includes new components and features such as toolkits for Angular, … continue reading

Developers take a larger role in security

As companies shift their businesses to engage with customers online, developers are becoming a center point for innovation. So as these companies build out DevOps and DevSecOps practices, they’re assembling teams around the developer to ensure that as they’re building new features at a rapid pace, security and operations components move along with that. Yet … continue reading

Secure code training tops 2021 software development agendas

There’s a highly contested debate lingering throughout the software development community that, surprisingly, does not stem from the global pandemic — whether functionality or performance ranks priority one when talking about secure coding. In the rush to meet software development needs, there is a general acceptance that although “secure code perfection” is the goal, achieving … continue reading

SD Times news digest: Cloudflare acquires Linc, Amazon launches AWS Glue custom connectors, ThreatStack now available for Ruby Gems and NPM

Cloudflare’s acquisition of Linc, the automation platform that helps front-end developers collaborate, will create seamless integration between Pages and Cloudflare Workers, a serverless execution environment. that allows users to create entirely new applications or augment. Linc offers a straightforward path to building end-to-end applications on Pages with both frontend and backend logic in one bundle. … continue reading

Veracode uncovers the top security issues facing specific programming languages

It’s not enough to keep on top of the most common security issues plaguing software today. Developers should understand exactly what issues are impacting the programming languages they are using. Veracode has released new data that shows the top security flaws affecting .NET, C++, Java, JavaScript, PHP and Python.  “Knowing these trends in application security … continue reading

1 2 3 51
HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!