Topic: security

Veracode expands platform to support container security

Application security company Veracode has announced that its Continuous Software Security Platform now supports container security.  According to Veracode, containers suffer from a lot of the same issues as traditional physical or virtual server hardware. This includes things like poorly managed secrets and security misconfigurations, both of which are addressed by Veracode’s solution.  Veracode also … continue reading

Low code doesn’t necessarily mean low security risks

Low-code has many benefits, and they’ve been widely discussed in a number of articles here on SD Times, but one area in which they don’t really have an edge is security.  It’s not that low code is more risky than traditional code, but the same risks are there, Jeff Williams, co-founder and CTO of Contrast … continue reading

Contrast Security introduces new security testing tools for JavaScript frameworks

Contrast Security, the code security company, today announced the expansion of its Secure Code Platform’s static application security testing capabilities to include JavaScript language support as well as support for Angular, React, and jQuery frameworks. With this, developers are enabled to quickly find and repair security defects in their client-side code.  The addition of Contrast … continue reading

Ox Security emerges from stealth with $34M to provide end-to-end software supply chain security

Tel Aviv, Israel, September 29, 2022 — Ox Security, the end-to-end software supply chain security platform for DevSecOps, exited stealth today with $34M in funding led by Evolution Equity Partners, Team8, and M12, Microsoft’s venture fund, with participation from Rain Capital. OX was founded less than a year ago by Neatsun Ziv and Lior Arzi, … continue reading

CloudBees acquires ReleaseIQ to expand DevSecOps offerings

CloudBees acquired the ReleaseIQ DevOps Platform to expand the company’s DevSecOps capabilities and to empower customers with a low-code, end-to-end release orchestration and visibility solution.  The SaaS offering enables DevOps organizations to compose and analyze workflows, and also orchestrate a combination of CI/CD technologies including Jenkins without the need to migrate or replace.  “The decision … continue reading

Quest Software Announces Public Beta for SharePlex for PostgreSQL

ALISO VIEJO, Calif. – Sept. 22, 2022 – Quest Software, a global systems management, data protection and security software provider, today announced the public beta of SharePlex for PostgreSQL. SharePlex is the industry-leading database management and replication solution designed to help customers ensure high availability and facilitate the movement of data between platforms. Businesses are … continue reading

Coding Labs help developers take learning into code

To help developers move from learning to applying that knowledge to make their code more secure, Secure Code Warrior today launched Coding Labs, to enable real-time coding in an in-browser IDE. “We found that 40% of developers don’t believe they’re receiving enough hands-on training from their current tools and resources. We’ve set out to fundamentally … continue reading

White House guidance requires agencies to inventory all software in 90 days

The White House issued a memorandum that requires each federal agency to comply with the NIST Guidance when using third-party software on the agency’s information systems and to inventory all software subject to its requirements within 90 days.  As part of the new guidance that follows the executive order “Improving the Nation’s Cybersecurity” issued in … continue reading

Google introduces new features to identity services library to make authentication easier for developers

Google is trying to make authentication easier and safer for developers by introducing new features to the Google Identity Services (GIS) library.   “For developers, our focus has always been to offer a frictionless experience that makes it easier for users to onboard and return to partner platforms, while also helping developers create a trusted relationship … continue reading

Threat landscapes: An upstream and downstream moving target

In recent years, hackers have become very sophisticated in the ways they attack upstream development pipelines by introducing vulnerabilities into the software supply chain. The popularity of open source makes those repositories a low-hanging fruit to target. In an SD Times Live! Event titled “Threat Landscapes: An Upstream and Downstream Moving Target,” Theresa Mammarella, developer … continue reading

ThreatModeler 6.0 now available with features to simplify threat modeling for developers

The threat modeling and security cloud infrastructure company, ThreatModeler, has announced the general availability of ThreatModeler 6.0. This release offers users multiple new capabilities intended to improve the threat modeling process for both security and DevOps teams. With this update comes a complete redesign of the platform’s interface, workflows, model building, and reporting based on … continue reading

Rust establishes new security team

The Rust Foundation, the nonprofit organization for the Rust programming language, today announced that it will be establishing a dedicated security team, underwritten by the OpenSSF’s Alpha-Omega Initiative as well as the foundation’s newest platinum member, JFrog.  “There’s often a misperception that because Rust ensures memory safety that it’s one hundred percent secure, but Rust … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!