Software Security Guide

Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.

Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.

Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.

IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.

A guide to DevSecOps tools This article outlines DevSecOps tools, offering a guide to solve your development security challenges The hidden costs of data breaches The average cost of a data breach is $3.86 million globally. The study found the cost of data breaches on a business’ bottom line has been steadily increasing over the past five years. How your security budget helps hackers win When a single breach can cause untold damage to your business, from millions in losses to reputational damage, operational disruption, and lost trust, you want to align your security budget with the actual threats you face.

2019: Lack of cybersecurity skills and best practices strain security

Security has hit a low point this year, as 2019 saw the 2nd, 3rd and 7th biggest breaches of all time measured by the number of people that were affected.  The largest breach of the year occurred in May when First American Financial Corporation leaked 885 million records of documents related to mortgage deals going … continue reading

SD Times news digest: Solo.io’s WebAssembly Hub, Accenture’s cloud-native solution, and EDB Postgres platform 12

Software company Solo.io launched the WebAssembly Hub to allow users to easily add new functionalities to their service mesh. “At Solo.io, we believe that extending the functionality of your service mesh should be simple and secure,” said Idit Levine, founder and CEO of Solo.io. “This is why we’re excited about integrating Wasm with Envoy Proxy. … continue reading

4 key practices for securing mobile APIs

As mobile APIs become more full-featured and rich, they become more dependent on data, key stores and connectivity profiles that can result in new vectors of attack. This drives the need for better security and best practices to patch up those vulnerabilities.  Gartner expects that API abuse will be the number one attack vector for … continue reading

SD Times news digest: Check Point’s new serverless security technology, AppSheet adds Optical Character Recognition capabilities, and Dataiku 6

Check Point announced that it will be integrating serverless security technology into its Infinity architecture, its security solution designed to support networks, mobile, endpoint, IoT and cloud environments. The serverless security technology is provided by Protego and designed to prevent malicious attacks on serverless functions in runtime and prevent vulnerable code from being deployed into … continue reading

Sir Tim Berners-Lee officially launches the Contract for the Web

The Contract for the Web is officially coming to life. The contract was created by web inventor Sir Tim Berners-Lee as a global plan of action to make the online world safer and accessible by anyone. “The power of the web to transform people’s lives, enrich society and reduce inequality is one of the defining … continue reading

SD Times news digest: Fugue’s free tier for developers, OutSystems announces AI assistant app dev capability, and Mozilla’s bug bounty security program

Fugue announced a free tier for Fugue Developer, which provides automation tools to visualize cloud infrastructure, identify misconfiguration risks, and demonstrate compliance “The cloud upended traditional IT security, forcing hard tradeoffs between agility and security,” said Phillip Merrick, CEO of Fugue. “Fugue Developer puts cloud security in the hands of the software developers building and … continue reading

IBM addresses security in the cloud with Cloud Pak for Security

As organizations start to move to the cloud and adopt multi-cloud and hybrid cloud environments, IBM wants to ensure data stays secure. The company today announced Cloud Pak for Security, a new solution that connects security tools, cloud and on-premise systems without having to move data.  IBM first introduced Cloud Paks in June as a … continue reading

SD Times new digest: WhiteSource for Containers, Trend Micro’s new cloud security solutions, and Apple and Salesforce’s new products

WhiteSource announced new and expanded support for all of the top five container registries: Docker, Amazon ECR, JFrog Artifactory, Azure Container Registry, and Google Container Registry. This allows enterprises to track vulnerabilities in file systems, installed packages, image layers and handled archive files without having to manually download and scan containers or images, according to … continue reading

GitHub launches new lab to tackle open-source security

GitHub wants to help protect the open-source ecosystem with the announcement of the GitHub Security Lab. The lab is designed to bring together security researchers, maintainers and companies who are dedicated to open-source security.  In addition, the company will provide tools, resource bounties ,and hours of security research.  “We all share a collective responsibility to … continue reading

SD Times news digest: Brave 1.0, Testim’s new development kit for AI-based testing, and Snyk releases new container security solution

Brave launched its new browser designed to offer users a fast browsing experience, while funding the Web through a new attention-based platform of privacy-preserving advertisements and rewards. Brave’s private ads and payment platform (Brave Rewards) is now available for iPhones and iPads in addition to desktops and Android devices.  “Either we all accept the $330 … continue reading

London Underground platform that says mind the gap

Report: Cybersecurity workforce needs to grow 145% to fill skills gap

There is currently a skills gap in cybersecurity, and companies need to go a long way to fill that gap. According to a new study from (ISC)2, the cybersecurity workforce will need to grow 145% in order to close that gap. The 2019 (ISC)2 Cybersecurity Workforce Study estimates that the cybersecurity workforce is currently made … continue reading

SD Times news digest: Google open sources Cardboard, the Microsoft Cloud Adoption Framework, and Code42’s threat detection capabilities

Google open sourced its Cardboard project that lets developers create VR experiences across Android and iOS devices.  “We think that an open source model—with additional contributions from us—is the best way for developers to continue to build experiences for Cardboard,” Google wrote in a blog post. “We’ve already seen success with this approach with our … continue reading

1 2 3 40
© 2019 D2 Emerge LLC.
HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!