Robert Haynes, open source and SCA evangelist at Checkmarx As the Application Security Testing (AST) pioneer and leader, Checkmarx has been relentless in our mission to continuously innovate, leading the industry with solutions that measurably improve security for software-driven organizations that develop their own applications. The Checkmarx suite of AST solutions fits perfectly into modern … continue reading
Recent large-scale attacks on enterprise and infrastructure security have led the federal government and private businesses to rethink the way they manage security. Last month’s ransomware attack on the Colonial Pipeline shut down the main part of its network for five days, affecting fuel supplies across the United States. Additionally, an attack on SolarWinds infrastructure … continue reading
As organizations look towards DevSecOps as a way to infuse security throughout the software development life cycle while at the same time accelerating releases, more sides of the business have their hands on deck regarding security. However, it’s still the security side that’s on the hook when a major breach happens. “People like to say … continue reading
Spectral’s newly released Preflight solution is an open-source tool designed to help developers defend against supply chain attacks by automatically verifying and safely executing a user’s CI and third-party scripts. The solution queries popular anti-malware services to verify and block binaries if they contain malware. “Hackers have become increasingly sophisticated, with a variety of tools, … continue reading
Application security initiatives and programs are getting good at getting down to where an organization’s data lives and protecting it against threats, but that is only one piece of the security puzzle. With limited amounts of time, resources and people available to tackle security, organizations have had to prioritize what gets protected. “For instance, an … continue reading
Too many companies are missing a key software component in their businesses: their software bill of materials (SBOM). A SBOM is a list of all the components that make up a piece of software. According to Brian Fox, chief technology officer at Sonatype, while some may think it is a trivial requirement, it provides transparency … continue reading
Amazon Redshift ML is now generally available. The cloud data warehouse enables users to create machine learning models and make predictions from data directly from their Amazon Redshift cluster. Users just have to use a simple SQL query to specify what data they want to use to train their model as well as the output … continue reading
The SaaS security company Detectify last week announced the general availability of its standalone application security tool: Ugly Duckling. The tool is designed to make easier for ethical hackers to share their latest findings on vulnerabilities and then integrate them into automated security tests on Detectify’s platform. It provides the tools to create more test … continue reading
The newly announced OpenAI Startup Fund is investing $100 million to partner with a small number of early-stage startups that are involved in fields that have a lot of potential for AI like health care, climate change and education. The companies in the fund will also get early access to future OpenAI systems, support from … continue reading
The SmartBear and application stability management company Bugsnag announced new error monitoring capabilities designed to improve collaboration and team alignments. The features are designed to support code ownership and accelerate the debugging process, especially for large engineering teams, according to the company. “Most apps have a variety of engineers, including separate engineering teams, working from … continue reading
Atlassian announced that its next-generation cloud app development platform, Forge, is now generally available. Forge has been in beta since the beginning of 2020 and is designed to handle many of the maintenance aspects of app creation such as compliance, data management practices, scaling performance and security. “Forge is the culmination of over 2 years … continue reading
The global IT service company Tata Consultancy Services (TCS) announced that the ninth season of its TCS CodeVita won a Guinness World Record for being the world’s largest computer programming competition totaling 136,054 participants. The 2021 competition brought together college students from around the world to see who ranked among the top student programmers globally. … continue reading
