Security Compass introduced the new DevOps tool category Balanced Development Automation (BDA) in order to empower organizations to build secure digital products without compromising time to market. According to the company, development teams usually have to choose between “fast and risk” or “slow and safe.” BDA aims to improve processes that are manual, inconsistent, silo … continue reading
WhiteSource has announced it will now integrate with Microsoft Visual Studio Code Editor. According to the company, the integration gives Visual Studio Code developers visibility and security alerts on problematic open-source components while continuing to develop within their preferred development environment. “Integrating security testing pre-build allows issues to be detected earlier when they are easier … continue reading
Microsoft has released new data to show how the pandemic is accelerating the digital transformation of cybersecurity. According to the data, 58% of respondents report that they have increased their security budgets due to COVID-19, 82% plan on adding more security staff, and 81% feel pressure to lower security costs. “The role of security in … continue reading
In response to COVID-19, the Angular team announced that it will extend AngularJS LTS by 6 months until the 31st of December 2021. After the LTS ends, the AngularJS package will still be available on npm, bower, and CDNs. “With the release of version 10 of Angular we continue to move the platform forward with … continue reading
The past year saw a 430% increase in next-generation cyber attacks aimed at actively infiltrating open source software supply chains, according to the 2020 State of the Software Supply Chain report. In the past 12 months, 929 next-generation software supply chain attacks were recorded. By comparison, 216 such attacks were recorded between February 2015 and … continue reading
Datadog today is revealing its vision for bringing security and performance monitoring into a single platform in the form of updates and new product features for its cloud infrastructure monitoring platform. At its virtual DASH conference this week, the company announced Error Tracking, Incident Management, Compliance Monitoring and Continuous Profiler, rounding out its platform to … continue reading
The Office of the Comptroller of the Currency (OCC) assessed an $80 million civil money penalty against Capital One for its role in the 2019 hack of 100 million credit card applications. The OCC reached the decision due to “the bank’s failure to establish effective risk assessment processes prior to migrating significant information technology operations … continue reading
The Linux Foundation has announced a new collaboration effort to improve open-source security. The Open Source Security Foundation (OpenSSF) aims to consolidate industry efforts with targeted initiatives and best practices. According to the Linux Foundation, OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all … continue reading
BlackBerry announced new efforts to fight against cybersecurity attacks at this week’s Black Hat USA 2020 conference. The company’s new open-source tool PE Tree is designed to significantly reduce the time and effort required to reverse engineer malware. According to the company, with the use of PE Tree, reverse engineers can view portable executable (PE) … continue reading
The OpenTelemetry .NET SDK has reached beta. Developers can now begin integrating the OpenTelemetry .NET SDK into their applications and libraries to capture and export metrics and traces. The beta release also includes instrumentation libraries for ASP.NET, ASP.NET Core, HTTP client, SQL client, and gRPC client. While functional, beta components have not gone through thorough … continue reading
Security company Veracode has announced it will be offering a Security Labs Community Edition as a free-to-use alternative to its Enterprise Edition. This new edition will allow developers to hack and patch real applications, allowing them to learn new tactics and best practices in a controlled, safe environment. The company had recently partnered with Enterprise … continue reading
Cloudflare has unveiled a new serverless solution to compete with AWS Lambda. The release of Cloudflare Workers Unbound offers a serverless platform for developers to run complicated computing workloads across the Cloudflare network and pay only for what they use. According to the company, the new solution can save users up to 75% for the … continue reading