Kubernetes security company Octarine has announced two new open-source projects designed to protect against cloud-native security vulnerabilities. The Kubernetes Common Configuration Scoring System (KCCSS) is a framework for rating security risks, and kube-scan is a workload and assessment tool. “Our mission is to make the adoption of DevSecOps best practices simple, understandable, and achievable for …
Tasktop announced the release of its Integration Hub v20.1 to simplify toolchain integration and to help scale enterprise software delivery. The new release includes simple navigation of relationships between configuration elements, a new scheduler for full scans, the ability to configure the flow of private and public comments as well as a new connector Planview …
API Fortress has announced the new Mass Functional Test Generation solution. The new tool is a beta release that is expected to be made available later this month. It tackles API testing and monitoring, and provides the ability to generate large batches of tests. “With over 95% of API vulnerabilities caused by human error or …
The Cloud Native Computing Platform is funding a new Kubernetes bug bounty program to reward the researchers who find security vulnerabilities in Kubernetes’ codebase as well as build and release processes. The program was launched by the Kubernetes Product Security Committee together with bug bounty program vendor HackerOne. “As a CNCF graduated project, it is …
DeepCode has revealed the most important bugs as well as the top security vulnerabilities. The analysis comes from the company’s AI-powered code review tool, which analyzed hundreds of thousands of open-source projects to narrow down the vulnerabilities that happen with the most frequency. According to the analysis, file I/O corruptions are the biggest general issue …
Synopsys announced that it acquired Tinfoil Security, an innovative provider of dynamic application security testing (DAST) and API security testing solutions. “Tinfoil Security provides Synopsys with proven DAST technology that can be seamlessly integrated into development and DevOps workflows. Furthermore, Tinfoil Security’s innovative API scanning technology addresses an emerging demand in the market and will …
Brazil fined Facebook $1.6 million for its role in the Cambridge Analytica scandal. The country’s justice ministry said that the fines are tied to unlawful sharing of data from its users in Brazil. “It’s evident that the data of about 443,000 users of the platform were made available by the developers of the app ‘thisisyourdigitallife’ …
VMware announced that it completed the acquisition of Pivotal Software, a cloud-native platform provider. “We believe that modern application development solutions and practices need to be easily accessible to everyday enterprises across the globe. With Pivotal’s developer capabilities as the foundation, we’ll focus on delivering consumable, enterprise-ready cloud native offerings to customers to help them …
Mastercard announced an agreement to acquire RiskRecon to help financial institutions, merchants and governments to secure their digital assets. RiskRecon’s AI and data-driven technology is designed to help organizations proactively manage cyber risks and better safeguard intellectual property and consumer and payment data. “By becoming part of their team, we have an opportunity to …
Software applications have become significantly more complex over the past decade. This bodes well for the creation of new application-based business opportunities and additional customer touchpoints; however, increased software complexity also opens the door for more malicious attacks and high-impact data leaks. Ever-nimble and determined threat actors are reinventing their approaches to align with current …
In a year where data breaches at Facebook have seen no signs of slowing down, another blow has been dealt. A reported 267 million Facebook user IDs and phone numbers were exposed online for anyone to access without a password or any authentication. Most of the records affected users from the United States. The UK …
Apple announced a bug bounty program that rewards up to $1,500,000 for finding issues that occur on the latest publicly available versions of iOS, iPadOS, macOS, tvOS, or watchOS with a standard configuration. In addition, Apple said it offers public recognition for those who submit valid reports and will match donations of the bounty payment …