Topic: security

Report: JavaScript becomes most in-demand developer technology

JavaScript is rising the ranks as the most in-demand developer technology. Pluralsight Technologies released its Technology Index, and found JavaScript to be at the top. Last year when the company released the index in April, JavaScript scored at number four.  Following JavaScript as the most in-demand technologies are Java, HTML, Python, C++, Android, C, C#, … continue reading

Gartner’s top 10 technology trends for 2020

Gartner revealed its top 10 strategic technology trends for the next year at its IT Symposium/Xpo 2019 conference in Orlando.  According to the company, a strategic technology trend is one that has the potential to disrupt the industry and break out into broader impact and use.  Unlike last year’s trends, this year’s trend does not … continue reading

Top considerations for DevSecOps to reduce security risk

To understand an enterprise’s current state of software security risk, executives, security practitioners and development teams need information. Benchmarks provide useful information on performance and risk. However, ideas about which benchmarks are most important will differ depending upon the corporate stakeholder to whom you’re speaking. For example, a business decision-maker has to justify the expense … continue reading

Cybersecurity Awareness Month highlights growing problem

National Cybersecurity Awareness Month is observed every October as a way to raise awareness about the importance of cybersecurity, but despite the efforts to provide a safer and more secure Internet — problems still remain.  In 1998, a group of computer hackers went in front of the Senate to warn them about cyber security. The … continue reading

Facebook and top law enforcement officials battle over end-to-end encryption

Top law enforcement officials are urging Facebook to stop its privacy initiative. In an open letter to Facebook, government officials from the United States, United Kingdom and Australia told Facebook it should not proceed with its plans without “including a means for lawful access to the content of communications to protect our citizens.” It also … continue reading

Report: Shifting left does not solve security problems

The rise of DevSecOps has stressed the importance of shifting security left in order to provide better protection. A recently released report, though, found shifting left isn’t enough. In order for security to be viewed as more than just an extra step, it needs to be built into the entire life cycle. Puppet, CircleCI and … continue reading

Report: BSIMM10 shows new wave of engineering-led software security in DevOps

The security aspect of DevOps is evolving as new data found a new wave of engineering-led software security efforts originating bottom-up in the development and operations teams rather than top-down from a centralized software security group (SSG).  Software security initiatives (SSIs) have identified a number of individuals (often developers, testers, and architects) who are invested … continue reading

Code analysis tool Semmle joins GitHub

The code analysis platform provider Semmle wants to expand its reach with the announcement that it is joining GitHub. Together, the companies will work on addressing a big issue in open-source software: security.  RELATED CONTENT: Going to school on open-source security “Software security is a community effort; no single company can find every vulnerability or … continue reading

SD Times Open-Source Project of the Week: Token4Hope

This week’s open-source project of the week is Token4Hope, a charity project powered by the DCore blockchain intended to draw transparency and security to charitable contributions.  “When we realized that often charitable donations lack transparency and people would donate substantially more if they knew where exactly their funds go, we decided to propose our version … continue reading

SD Times news digest: Visual Studio Code 1.38, CircleCI’s security incident, and Google introduces differential privacy controls

Microsoft announced the August 2019 release of Visual Studio Code 1.38, adding updates as well as new features.  Some of the key highlights include the ability to keep letter casing across multi-file search/replace; to check min, max, enum values and glob patterns; quick navigation features; and links to MDN documentation directly from IntelliSense.  The full … continue reading

A managed open-source approach can improve the health of your open-source supply chain

The rise in attacks against the software supply chain is one outgrowth of vulnerabilities in open-source code that go unnoticed and therefore unpatched, a problem that has escalated despite the best efforts of enterprise development teams. As many recent high-profile breaches have underscored, it takes little for an overlooked patch to wreak havoc.  Even those … continue reading

Companies are making up for lack of cybersecurity professionals by investing in their developers

The search for good cybersecurity talent is a struggle facing companies across the industry — a problem that is only likely to get worse over the next few years. According to a report from CNBC in March, there are nearly 3 million open positions globally for security professionals. The hiring shortage is expected to grow … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!