The Android development team today shared a number of new features and updates that are designed to help users balance their needs and achieve mobility goals with Android Enterprise. A few notable highlights include the launch of the first Android Enterprise Vulnerability Rewards Program, embracing the use of Custom Tabs for developers to integrate authentication … continue reading
Threatmapper is a cloud-native security observability platform that scans, maps, and ranks vulnerabilities from development through production across serverless, Kubernetes, container, and multi-cloud environments. This Wednesday, it was open-sourced by Deepfence under the Apache 2.0 license. “By open sourcing ThreatMapper, we aim to help developers, DevOps, DevSecOps, and security teams identify and prioritize threats quickly … continue reading
Today the developer security company Snyk introduced new product innovations, DigitalOcean and HashiCorp partnerships, and launched Snyk Learn as part of SnykCon 2021. Snyk Code, which offers a dev-first approach to static application security testing tooling just received support for C#, Ruby, PHP and Go added to Java, Javascript, and Python. Also, Snyk Open Source … continue reading
Just over half of developers feel that security policies stifle their innovation and only about a third of developers reported that they are thoroughly educated on the security procedures they are expected to execute, according to a new report by VMware and Forrester. Forrester conducted a VMware-commissioned survey called “Bridging the Developer and Security Divide” … continue reading
New data shows a direct correlation between resignations, departing employees, and data exposure events. This is of particular interest to organizations currently as companies experience what’s been called “the Great Resignation.” As employees leave their companies, they oftentimes — intentionally or otherwise — take valuable source code, patent applications, and customer lists with them. Code42, … continue reading
Microsoft today announced that users of Outlook, OneDrive, Family Safety, and more can now opt out of using passwords and choose alternative authentication methods, predicting that “the future is passwordless.” This comes after the company announced that passwordless sign-in was generally available for commercial users, bringing the feature to enterprise organizations around the world. Some of the … continue reading
Snyk announced that it closed a $530 million Series F investment, which now totals the company’s funding to-date to $8.5 billion. “This new investment, together with the rapid adoption of our platform and growing customer base, validates our developer security vision,” said Peter McKay, CEO of Snyk. “When security starts with the world’s expanding pool … continue reading
The latest edition of the OWASP Top 10 showed that all of the highest-priority vulnerabilities since 2017 have shifted and new ones have been introduced. Broken Access Control has dethroned Injection as the top vulnerability, whereas it previously held fifth place. The 34 Common Weakness Enumerations (CWEs) mapped to Broken Access Control had more occurrences … continue reading
Micro Focus announced the release of UFT Mobile 2021 which visually enhances the mobile testing experience, optimizes utilization of devices, simplifies administration capabilities, and supports additional technologies. The dashboard can also assist with decision making. For example, device information is useful when deciding if additional devices of a certain OS version are required in general … continue reading
As developers begin to be responsible for more and more elements beyond just coding, having tools take some of the burden off them will become important. Developers are now expected to become security experts, and while it’s important to know the basics such as how to write secure code, there also becomes a dependence on … continue reading
We’ve had Solar Winds. Kaseya. Microsoft Exchange. We’ve heard of millions upon millions of personal data files being hacked and exploited. So, why was it that the Colonial Pipeline ransomware attack was the one to get people focused on software and infrastructure security? The easy answer is because it hit consumers at the gas pump, … continue reading
Grafana Labs announced $220 million in Series C that it said it will use to focus on accelerating the development of its open-source observability platform. The company also recently added k6, the company behind the open-source load-testing tool, and Pace.dev, a team known for creating tools with great developer experience, to the Grafana Labs family. … continue reading
