Spectral’s newly released Preflight solution is an open-source tool designed to help developers defend against supply chain attacks by automatically verifying and safely executing a user’s CI and third-party scripts. The solution queries popular anti-malware services to verify and block binaries if they contain malware. “Hackers have become increasingly sophisticated, with a variety of tools, … continue reading
Application security initiatives and programs are getting good at getting down to where an organization’s data lives and protecting it against threats, but that is only one piece of the security puzzle. With limited amounts of time, resources and people available to tackle security, organizations have had to prioritize what gets protected. “For instance, an … continue reading
Too many companies are missing a key software component in their businesses: their software bill of materials (SBOM). A SBOM is a list of all the components that make up a piece of software. According to Brian Fox, chief technology officer at Sonatype, while some may think it is a trivial requirement, it provides transparency … continue reading
Amazon Redshift ML is now generally available. The cloud data warehouse enables users to create machine learning models and make predictions from data directly from their Amazon Redshift cluster. Users just have to use a simple SQL query to specify what data they want to use to train their model as well as the output … continue reading
The SaaS security company Detectify last week announced the general availability of its standalone application security tool: Ugly Duckling. The tool is designed to make easier for ethical hackers to share their latest findings on vulnerabilities and then integrate them into automated security tests on Detectify’s platform. It provides the tools to create more test … continue reading
The newly announced OpenAI Startup Fund is investing $100 million to partner with a small number of early-stage startups that are involved in fields that have a lot of potential for AI like health care, climate change and education. The companies in the fund will also get early access to future OpenAI systems, support from … continue reading
The SmartBear and application stability management company Bugsnag announced new error monitoring capabilities designed to improve collaboration and team alignments. The features are designed to support code ownership and accelerate the debugging process, especially for large engineering teams, according to the company. “Most apps have a variety of engineers, including separate engineering teams, working from … continue reading
Atlassian announced that its next-generation cloud app development platform, Forge, is now generally available. Forge has been in beta since the beginning of 2020 and is designed to handle many of the maintenance aspects of app creation such as compliance, data management practices, scaling performance and security. “Forge is the culmination of over 2 years … continue reading
The global IT service company Tata Consultancy Services (TCS) announced that the ninth season of its TCS CodeVita won a Guinness World Record for being the world’s largest computer programming competition totaling 136,054 participants. The 2021 competition brought together college students from around the world to see who ranked among the top student programmers globally. … continue reading
Microsoft announced a new open-source initiative, SimuLand, to help security researchers deploy lab environments that reproduce well-known techniques used in attack scenarios. Participants can use the labs to then test the effectiveness of Microsoft 365 Defender, Azure Defender, and Azure Sentinel detections. The simulation steps are mapped to detection queries and alerts to the aforementioned … continue reading
Curiefense is an open-source application security platform in the Cloud Native Computing Foundation as a sandbox project. The project was developed and announced earlier this year from the cloud-native application solution provider Reblaze. The goal of the project is to address cloud-native security needs, remove challenges, adopt an open and collaborative platform and use modern … continue reading
The updated version of Creatio’s low-code platform for process automation and CRM includes a full cycle of process management, an accelerated time to market for new applications and more. The platform’s updated low-code and developer tools enable users to build apps and processes faster with an improved UI and platform enhancements for external file data … continue reading
