Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.
Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.
Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.
IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from the planning stage, development, to testing. The use of automation in security can help organizations stay one step ahead.
Chef announced new capabilities designed to enable coded enterprises to build competitive advantage through automation and DevSecOps innovations. “Since our last ChefConf, we have been intensely focused on harnessing our long experience in operating at massive scale and speed while enabling unprecedented ease of use,” said Barry Crist, the CEO of Chef. The new Chef … continue reading
Linux 5.7 is now available. The updated version includes many changes such as ‘mmc: sdhci: Fix SDHCI_QUIRK_BROKEN_CQE,’ ‘copy_xstate_to_kernel(): don’t leave parts of destination uninitialized’ and the fixed Fix max PFN arithmetic overflow on 32 bit systems,’ among many others. The shortlog available here includes the changes that came in this last week since rc7. Aqua … continue reading
Mozilla, Reddit, Twitter, Patreon, and other other tech companies are pushing for the House of Representatives to consider the Wyden/Daines amendment when they look at the USA FREEDOM Reauthorization Act. The amendment would expressly prohibit the use of Section 215 of the USA PATRIOT Act for the warrantless collection of search and browsing history. The … continue reading
With November’s election approaching, election security is something many people are already starting to think about. Data verification company Melissa has announced that it will be offering free data optimization services that will improve registered voter rolls and encourage fair election processes. According to Melissa, the combination of increasing numbers of vote-by-mail options and an … continue reading
A few months ago, before the COVID-19 pandemic broke out, the near-term future of the smartphone seemed obvious. We were moving to foldable devices with the only question being whether these devices would unfold to get to tablet size (Samsung) or fold down to fit better in your pocket (Samsung, Motorola). But with the collapse … continue reading
Cloudera announced an expanded set of machine learning capabilities is now available in the Cloudera Machine Learning (CML). Capabilities include new MLOps features and Cloudera SDX for models. “Data scientists, machine learning engineers, and operators can collaborate in a single unified solution, drastically reducing time to value and minimizing business risk for production machine learning … continue reading
Security has become enough of a drumbeat issue that its importance has trickled down from the CISOs through the security organization to software developers. And slowly but surely, developers are beginning to take ownership of security as a part of the development life cycle. But this heightened awareness of security hasn’t necessarily led to better … continue reading
The Linux Foundation has announced a cross-industry coalition called the Trust over IP (ToIP) Foundation. ToIP was launched to enhance universal security and privacy protocols for consumers and businesses within the government, nonprofits and private sectors, and across finance, health care, and enterprise software. As businesses struggle to protect and manage digital assets and data, … continue reading
Redis Labs has announced the release of Redis 6.0 and Redis Enterprise 6.0 with new security capabilities. Redis 6.0 now includes access control lists (ACLs), while Redis Enterprise 6.0 builds on the open-source release with role-based access control (RBAC) and support for Redis Streams for Active-Active databases. “Developers increasingly need to build geographically distributed event-based … continue reading
Amazon released AppFlow to help developers gain meaningful insights from data that is now living in lots of different places. According to the company, SaaS application adoption is increasing rapidly, and it is becoming very complex for developers to access the data from these applications. “Developers spend huge amounts of time writing custom integrations so … continue reading
Microsoft has been collecting 13 million work items and bugs since 2001, and used that data to create a machine learning model to fight software bugs. According to the company, the model distinguishes between security and non-security bugs 99% of the time and identify the high-priority bugs 97% of the time. “At Microsoft, 47,000 developers … continue reading
Security is one of the first boxes to tick in the journey to the hybrid cloud, yet it’s still the one giving IT teams the most headaches. The recent 2020 State of Application Services Report, a survey of 2,600 respondents globally across all verticals, backs this up. Respondents listed the top challenges in managing a … continue reading