Software Security Guide

Securing an application is just as important as building it in the first place. As data becomes more valuable, there are more people who want to steal it and use it for their own personal gain.

Making sure applications are indeed secure has always been a challenge, as hackers try to stay one step ahead of defenders. When organizations ran their applications in their own data centers, firewalls were an effective way of denying hackers access. The explosion of the Internet led to the creation of web applications, with entry points via the browser into client-side code that could endanger the organization.

Further, the increased speed of feature delivery in software stresses security teams trying to prevent hacks and data breaches. Today, with application modularity and edge computing increasing, along with the increased use of open-source software, that challenge has only become more difficult. Hackers now have more surface area to target than ever before. Here are the top threats organizations face as they work to secure their applications, data and systems.

IT and developers must work to ensure that their applications and systems are secure. On the development side, security touches nearly every step of the process, from planning through development to testing. The use of automation in security can help organizations stay one step ahead.

Industry Watch: Internet crime complaints rise

The warranty on your car is about to expire. Press 1 to purchase an extension. Someone has stolen your bank information. Click here to change your social security number. Your grandchild has been kidnapped. Send money to help us return the child safely. We get phishing emails like these literally all day long, and now … continue reading

Analyst View: Shift testing left, but bank right

I’ve spent most of my professional life convincing businesses to shift things left — shift-left testing for software, shift-left demand and supply forecasts for supply chains, shift-left analytics to understand future implications earlier than your competition. Hopefully that explains why it seems heretical for me to talk about shift-right testing at all. Will shift-right testing … continue reading

SD Times news digest: .NET 6 Preview 3, WhiteSource announces new funding for app security, and Canonical adds full enterprise support for Kubernetes 1.21

.NET 6 Preview 3 now available. The platform matrix of .NET 6 was significantly expanded as of the new preview with the addition of Android, iOS, Mac and Mac Catalyst for x64 and Apple Silicon and Windows Arm64.  The CollectionsMarshal.GetValueRef API was added to make updating struct values in Dictionaries faster and is intended for … continue reading

Mobile security lessons learned from mobile game cheats

Mobile games are often broken into so users can access premium content, paid features and obtain in-game currency. This is done by tampering with memory, bypassing payments and touchID screens, and downloading paid apps for free — and can be done on both jailbroken or non-jailbroken devices.  In a recent webinar on SD Times, Jan … continue reading

BMC’s latest updates focus on modernizing mainframe app development and delivery

BMC, a provider of software solutions for the autonomous digital enterprise, announced new offerings and integrations with its BMC Automated Mainframe Intelligence (AMI) and BMC Compuware portfolios that focus on streamlining mainframe application development, increased uptime and faster threat detection.  The BMC Compuware ISPW solution for software change management enables developers to easily edit source … continue reading

SD Times news digest: Microsoft Team’s new bug bounty program, FSF’s board statement on governance, and Open Source Initiative’s election hacked and remediation

Microsoft announced bug bounty awards for Teams desktop client security research under the new Microsoft Applications Bug Bounty Program.  The program includes five scenario-based awards for vulnerabilities that have the highest potential impact on customer privacy and security and also general bounty awards for other valid reports for the Teams desktop client that don’t qualify … continue reading

LeanIX adds microservice intelligence and Cleanshelf to its portfolio

The enterprise architecture and cloud governance company LeanIX made new SaaS management and microservices updates to its portfolio this week. The company announced it has acquired Cleanshelf, a SaaS management provider; and added Microservice Intelligence to its Continuous Transformation Platform.  Cleanshelf’s software provides an automated view of all SaaS applications in an enterprise, simplifies management … continue reading

What a successful shift-left security program looks like

In today’s ever-changing world, businesses need to have a strong application security (AppSec) program in order to succeed and survive. Many businesses are taking a shift-left approach to security, moving security earlier in the application life cycle — but this puts a lot of pressure on the development team that is already pressured to move … continue reading

Potentially huge new markets for developers

At CES this year, an impressive number of enterprise providers presented solutions for homes mostly focused on home offices, robotics, and automobiles (emphasizing autonomous electric cars).  Companies like Caterpillar, BlackBerry, Hive, IBM, Philips, Google, Amazon, Twitter, Wing Venture Capital, and others are showcasing solutions that are being asked to bridge capabilities between homes and large … continue reading

SD Times news digest: DeepSee.ai Knowledge Process Automation Platform, Progress Telerik Test Studio update, and Jetpack Tiles library in alpha

DeepSee.ai announced it has received $22.6 million in series A funding to accelerate product development and to expand the platform beyond the capital markets and insurance verticals. The DeepSee.ai’s Knowledge Process Automation Platform offers a cloud-agnostic approach to deliver improvements and is also designed to integrate with existing systems and tools.  “We founded DeepSee to … continue reading

SD Times news digest: .NET 6 Preview 2, Accusoft PDF Viewer, and Menlo Security’s web isolation for mobile devices

The second preview of .NET 6 is now available with new APIs, runtime improvements, and early .NET MAUI builds. According to the team, with this announcement they are now back on schedule to monthly previews until .NET 6 is officially released in November.  Once released, .NET 6 will be supported for three years as a … continue reading

SD Times news digest: The Hacker Gamers by Veracode, GrammaTech Shift Left Academy, and Talend to be acquired by Thoma Bravo

Veracode has introduced a secure coding competition, The Hacker Games, which aims to challenge university students to hack and patch real-life apps online to win individual prizes, plus $15,000 in charitable donations for the top universities. “Training around secure coding is almost absent at the university level. We’ve launched The Veracode Hacker Games to help … continue reading
