There is currently a skills gap in cybersecurity, and companies need to go a long way to fill that gap. According to a new study from (ISC)2, the cybersecurity workforce will need to grow 145% in order to close that gap. The 2019 (ISC)2 Cybersecurity Workforce Study estimates that the cybersecurity workforce is currently made … continue reading
Google open sourced its Cardboard project that lets developers create VR experiences across Android and iOS devices. “We think that an open source model—with additional contributions from us—is the best way for developers to continue to build experiences for Cardboard,” Google wrote in a blog post. “We’ve already seen success with this approach with our … continue reading
Continuous intelligence company Sumo Logic announced that it acquired JASK Labs, a provider of cloud-native autonomous security operations center (ASOC) software. Sumo Logic plans to expand its cloud-native security intelligence solution to supersede legacy SIEM technology. Ninety-three percent of security professionals think traditional SIEM solutions are ineffective for the cloud, according to the company. The … continue reading
Software security company Veracode has revealed that organizations should use DevSecOps as a way to reduce security debt. Similar to technical debt, security debt occurs when flaws age and accumulate without getting fixed. In their 10th annual State of Software Security (SOSS) report, the company revealed that many of the flaws discovered 10 years ago … continue reading
JavaScript is rising the ranks as the most in-demand developer technology. Pluralsight Technologies released its Technology Index, and found JavaScript to be at the top. Last year when the company released the index in April, JavaScript scored at number four. Following JavaScript as the most in-demand technologies are Java, HTML, Python, C++, Android, C, C#, … continue reading
Gartner revealed its top 10 strategic technology trends for the next year at its IT Symposium/Xpo 2019 conference in Orlando. According to the company, a strategic technology trend is one that has the potential to disrupt the industry and break out into broader impact and use. Unlike last year’s trends, this year’s trend does not … continue reading
To understand an enterprise’s current state of software security risk, executives, security practitioners and development teams need information. Benchmarks provide useful information on performance and risk. However, ideas about which benchmarks are most important will differ depending upon the corporate stakeholder to whom you’re speaking. For example, a business decision-maker has to justify the expense … continue reading
National Cybersecurity Awareness Month is observed every October as a way to raise awareness about the importance of cybersecurity, but despite the efforts to provide a safer and more secure Internet — problems still remain. In 1998, a group of computer hackers went in front of the Senate to warn them about cyber security. The … continue reading
Top law enforcement officials are urging Facebook to stop its privacy initiative. In an open letter to Facebook, government officials from the United States, United Kingdom and Australia told Facebook it should not proceed with its plans without “including a means for lawful access to the content of communications to protect our citizens.” It also … continue reading
The rise of DevSecOps has stressed the importance of shifting security left in order to provide better protection. A recently released report, though, found shifting left isn’t enough. In order for security to be viewed as more than just an extra step, it needs to be built into the entire life cycle. Puppet, CircleCI and … continue reading
The security aspect of DevOps is evolving as new data found a new wave of engineering-led software security efforts originating bottom-up in the development and operations teams rather than top-down from a centralized software security group (SSG). Software security initiatives (SSIs) have identified a number of individuals (often developers, testers, and architects) who are invested … continue reading
The code analysis platform provider Semmle wants to expand its reach with the announcement that it is joining GitHub. Together, the companies will work on addressing a big issue in open-source software: security. RELATED CONTENT: Going to school on open-source security “Software security is a community effort; no single company can find every vulnerability or … continue reading
