Topic: security
Transitioning from DevOps to Rugged DevOps: Avoiding the pitfalls
As many as four out of five companies leveraging a DevOps approach to software engineering do so without integrating the necessary information security controls, underscoring the urgency with which companies should be evaluating “Rugged” DevOps (also known as “shift left”) to build security into their development life cycle as early as possible. Rugged DevOps represents … continue reading
Ensure security and quality at speed
Today’s companies must become software companies to keep pace with competitive pressures and customer demands. As organizations become increasingly software-enabled, their footprints are extending out to cloud environments and the Internet of Things (IoT), increasing application complexity and the associated risks. With Synopsys, software teams can avoid the usual trade-offs between faster time-to-market imperatives, security … continue reading
Protego releases starter plan for serverless security
Serverless security provider Protego is offering a new version of its platform to help enterprises adopt serverless. The free starter plan will feature full functionality, protection for up to one million invocations and 30 days of data retention. “More and more companies are looking to capitalize on the benefits of serverless computing without putting much … continue reading
Microsoft Ignite themes: Security, AI and data, IoT and edge computing
Microsoft kicked off its Ignite conference this morning with a boatload of announcements primarily around three themes: IT security, AI and data, and IoT and edge computing. With cyberattacks continuing to harm organizations around the world, Microsoft announced Secure Score, a report card for assessing their current state of security as well as making recommendations … continue reading
erwin acquisition of AnalytiX DS rounds out its data governance platform
Data governance software company Erwin has acquired metadata management company AnalytiX DS to position itself as one of the only software providers to own and fully integrate each area of data governance and management. The acquisition, according to erwin CEO Adam Famularo, “provides us with all the metadata management tools as well as all the … continue reading
Google introduces multi-language, cross-platform cryptographic library
Google wants to ensure developers have the tools necessary to protect user data with the open-source release of Tink. This new project is a multi-language, cross-platform cryptographic library designed to ship secure cryptographic code. “At Google, many product teams use cryptographic techniques to protect user data. In cryptography, subtle mistakes can have serious consequences, and … continue reading
SD Times news digest: New two-factor authentication approach, The LF Deep Learning Foundation and Linux 4.19-rc1
Researchers from the University of Alabama at Birmingham have announced a new two-factor authentication method that uses wearables and speech signals. The method “Listening-Watch” uses wearable devices such as smartwatches, activity trackers, and browser-generated speech sounds to perform two-factor authentication. “Listening-Watch offers two key security features,” said Nitesh Saxena, professor in the UAB College of … continue reading
Semmle emerges with new approach to software engineering analytics
Semmle is making its global debut today with a new solution that could help speed up the development of secure software code. The company’s software analytics platform includes a “Looks Good to Me” solution as well as a query engine for preventing software mistakes. In addition, the company is launching with a $21 million series … continue reading
SEI CERT releases open-source Source Code Analysis Laboratory for pinpointing vulnerabilities
The Software Engineering Institute’s (SEI) CERT Division at Carnegie Mellon University released an open-source static analysis aggregator/correlator this week. Source Code Analysis application (SCALe) is designed to find vulnerabilities in application source code via multiple, independent static analysis tools. Compatible with any source code language, this public release of SCALe provides alerts based on two … continue reading
TLS 1.3 approved and released with improved encryption and speed
The Transport Layer Security (TLS) protocol, an integral technology in end-to-end data protection, has been updated to version 1.3 this month with improvements to security, performance, and stripping some insecure optional features from the previous version 1.2. According to the Internet Engineers Task Force (IETF), TLS 1.3 introduces improved encryption during the negotiation handshake stage … continue reading
SD Times news digest: Android Pie SDK, Contrast Security’s free DevSecOps solution, and Status partners with Nim
Following this week’s announcement of Android 9 Pie, Google is releasing a new Android SDK that offers more Kotlin features. According to the company, Android developers often run into problems with the Java programming language when accessing a null reference. Kotlin addresses this problem by providing nullable and non-nullable types in the type system, the … continue reading
SD Times news digest: Xamarin support for Android 9.0, Google’s tips for developing Actions, and Siemens’ low code acquisition
Xamarin has announced support for Android 9.0 in the latest preview release of Xamarin.Android for Visual Studio 2017 and Visual Studio for Mac. The download is available today in the Visual Studio Preview channel and Visual Studio for Mac Beta channel. New features introduced in Android P include display cutout, notification enhancements, indoor positioning, and … continue reading
Get access to this and other exclusive articles for FREE!
There's no charge and it only takes a few seconds.
Sign up now!