Topic: security

Chances of data leaks are high in mobile apps

Most mobile applications contain at least some programming flaws that make them susceptible to leaking data containing personal information. In fact, mobile applications distributed in Apple’s App Store and Google Play are more likely to have at least one hidden bug that can compromise privacy than they are of containing a security vulnerability, where the … continue reading

SD Times news digest: Postman 7.1, Auth0 secures $103 million, and an update on the Stack Overflow breach

API development environment provider Postman has announced Postman 7.1, which enables developers to create APIs directly within the app. The release features new API, define, develop, test and observe tabs, API elements, extended schema support, and versioning and version tagging. The new versioning feature allows developers to maintain multiple versions of an API simultaneously, Postman … continue reading

Shifting left for better security? It’s just as important to shift right too

There’s been a lot of talk lately in security and development circles about the need to shift left in the software development lifecycle—and rightly so. By bringing security into the picture from the beginning, you can catch weak designs and bugs earlier, when they’re cheaper and easier to fix. So far, so good. But does … continue reading

Open Source Day 2019 focuses on the cloud, security and development

The 12th edition of Open Source Day (OSD) will take place today at the Legia Warsaw Stadium in Poland’s capital city. The event will include presentations, forums and nine technical sessions spanning automation, containerization, cloud computing, virtualization, security, monitoring, CI/CD, software and app development and databases. “Participants at the upcoming event will be able to … continue reading

SD Times news digest: Android Q gets new security features, The Data Literacy Project announces community forum, CentOS releases status update on OS rebuild

Android Q is getting new security features that include encryption, platform hardening and authentication. In the Q release, the company is launching Adiantum, designed to run efficiently without cryptographic acceleration hardware, and to work across everything from smart watches to internet-connected medical devices. Now, all compatible Android devices newly launching with Android Q are required … continue reading

Open-source software use grows but risks remain, study finds

Open source software makes up more than half of enterprise codebases analyzed in 13 out of 17 industries, according to this year’s Open Source Software Risk Assessment study by the Black Duck Audit Services team at code quality analysis software provider Synopsys. But this increase in use also points to increased risk, as patches to … continue reading

SD Times Open-Source Project of the Week: Ghidra

The NSA announced at the 2019 RSA Conference in San Francisco this week that it is making its software reverse engineering tool Ghidra available to the public and open source. According to the agency, the project is aimed at making reverse engineering software more attainable with tools designed, among other things, to model processor activity to … continue reading

Checkmarx adds more management capabilities to address security at scale

Checkmarx has announced several new capabilities at this week’s RSA Conference in San Francisco in the hopes that it will enable security at scale. The latest version of the Checkmarx Software Exposure Platform adds more to the management and orchestration layer of the product. According to the company, the new release will offer a more … continue reading

RSA 2019: Synopsys’ Polaris Software Integrity Platform, Sysdig’s Cloud-Native Intelligence Platform, WhiteHat security partnership program and more

RSA Conference is taking place this week in San Francisco with a number of companies and thought leaders coming together to tackle the latest and greatest cybersecurity threats. “Some say it’s impossible to stay ahead of cybersecurity threats. We disagree. We’ll always be here as your go-to resource for exchanging ideas, learning the latest trends … continue reading

WebAuthn becomes an official recommended web standard

The Internet is one step closer to a passwordless future. The World Wide Web Consortium (W3C), along with the FIDO Alliance, announced that Web Authentication (WebAuthn) specification is now a web standard. WebAuthn is a core component of the FIDO Alliance’s FIDO 2 set of specifications, which aims to provide easier authentication services to mobile … continue reading

Hackers are still sticking to the tried-and-true methods

Despite evolutions in technology, hackers are still using the same old tricks, though sometimes in a more evolved way. The hacker mentality is to want to grab the low-hanging fruit, or go after the easiest target, explained Sivan Rauscher, co-founder and CEO of SAM, a network security company. For attackers trying to find those low-hanging … continue reading

Microsoft to democratize homomorphic encryption with SEAL for .NET

Microsoft is introducing its open-source homomorphic encryption solution to the .NET developer ecosystem. Microsoft SEAL for .NET is a wrapper library designed to enable developers to interact with Microsoft SEAL for .NET apps. Microsoft SEAL, or Simple Encryption Arithmetic Library, was first open-sourced in December. “As we increasingly move our data to the cloud, there … continue reading

DMCA.com Protection Status