Fugue announced a free tier for Fugue Developer, which provides automation tools to visualize cloud infrastructure, identify misconfiguration risks, and demonstrate compliance “The cloud upended traditional IT security, forcing hard tradeoffs between agility and security,” said Phillip Merrick, CEO of Fugue. “Fugue Developer puts cloud security in the hands of the software developers building and … continue reading
As organizations start to move to the cloud and adopt multi-cloud and hybrid cloud environments, IBM wants to ensure data stays secure. The company today announced Cloud Pak for Security, a new solution that connects security tools, cloud and on-premise systems without having to move data. IBM first introduced Cloud Paks in June as a … continue reading
WhiteSource announced new and expanded support for all of the top five container registries: Docker, Amazon ECR, JFrog Artifactory, Azure Container Registry, and Google Container Registry. This allows enterprises to track vulnerabilities in file systems, installed packages, image layers and handled archive files without having to manually download and scan containers or images, according to … continue reading
GitHub wants to help protect the open-source ecosystem with the announcement of the GitHub Security Lab. The lab is designed to bring together security researchers, maintainers and companies who are dedicated to open-source security. In addition, the company will provide tools, resource bounties ,and hours of security research. “We all share a collective responsibility to … continue reading
Brave launched its new browser designed to offer users a fast browsing experience, while funding the Web through a new attention-based platform of privacy-preserving advertisements and rewards. Brave’s private ads and payment platform (Brave Rewards) is now available for iPhones and iPads in addition to desktops and Android devices. “Either we all accept the $330 … continue reading
There is currently a skills gap in cybersecurity, and companies need to go a long way to fill that gap. According to a new study from (ISC)2, the cybersecurity workforce will need to grow 145% in order to close that gap. The 2019 (ISC)2 Cybersecurity Workforce Study estimates that the cybersecurity workforce is currently made … continue reading
Google open sourced its Cardboard project that lets developers create VR experiences across Android and iOS devices. “We think that an open source model—with additional contributions from us—is the best way for developers to continue to build experiences for Cardboard,” Google wrote in a blog post. “We’ve already seen success with this approach with our … continue reading
Continuous intelligence company Sumo Logic announced that it acquired JASK Labs, a provider of cloud-native autonomous security operations center (ASOC) software. Sumo Logic plans to expand its cloud-native security intelligence solution to supersede legacy SIEM technology. Ninety-three percent of security professionals think traditional SIEM solutions are ineffective for the cloud, according to the company. The … continue reading
Software security company Veracode has revealed that organizations should use DevSecOps as a way to reduce security debt. Similar to technical debt, security debt occurs when flaws age and accumulate without getting fixed. In their 10th annual State of Software Security (SOSS) report, the company revealed that many of the flaws discovered 10 years ago … continue reading
JavaScript is rising the ranks as the most in-demand developer technology. Pluralsight Technologies released its Technology Index, and found JavaScript to be at the top. Last year when the company released the index in April, JavaScript scored at number four. Following JavaScript as the most in-demand technologies are Java, HTML, Python, C++, Android, C, C#, … continue reading
Gartner revealed its top 10 strategic technology trends for the next year at its IT Symposium/Xpo 2019 conference in Orlando. According to the company, a strategic technology trend is one that has the potential to disrupt the industry and break out into broader impact and use. Unlike last year’s trends, this year’s trend does not … continue reading
To understand an enterprise’s current state of software security risk, executives, security practitioners and development teams need information. Benchmarks provide useful information on performance and risk. However, ideas about which benchmarks are most important will differ depending upon the corporate stakeholder to whom you’re speaking. For example, a business decision-maker has to justify the expense … continue reading
