Topic: security

SD Times news digest: Oct. 6, 2014—Google’s Polycasts, DARPA’s SafeWare, BlazeMeter and Sauce Labs’ partnership and Microsoft and Samsung’s patent dispute

Google launches Polycasts Google wants to help developers get started with Polymer and Web Components. The company has announced Polycasts, a new video series dedicated to teaching one concept at a time, and highlights best practices for working with Polymer and DevTools. “Because Polymer and Web Components are such big changes for the platform, there’s … continue reading

OpenSSL unveils first security policy

The development team behind the OpenSSL open-source encryption toolkit has released its first official security policy, laying out its internal security protocols and plans to pre-notify organizations implementing OpenSSL about impending updates and security fixes. The OpenSSL pre-notification policy will allow notices to be sent out over the OpenSSL mailing list and on the homepage … continue reading

How Red Hat and the open-source community are fortifying Docker

As Docker has exploded in popularity, so too has the open-source community around it. Now, as more and more large enterprise software companies jump on the Docker bandwagon, the community is tackling some of the larger issues behind the emerging technology, namely container security. One of the big names driving security improvements in Docker container … continue reading

Zeichick’s Take: They want to steal your data

Tuesday’s voicemail from my bank was short and simple: “My name is Patricia from the Bank of America fraud prevention department. This important message is for Mr. Alan Zeichick. We are calling to verify some potentially suspicious activity on your account. It is very important that we speak with you.” Nobody had pilfered a credit-card … continue reading

IEEE reveals Top 10 software security design flaws (and how to avoid them)

The IEEE Center for Secure Design has published a report on the Top 10 software security design flaws (and how to avoid them). When it comes to making sure software is secure, too much of the attention is focused on bugs, and not enough of the conversation is about design flaws, according to Gary McGraw, … continue reading

SD Times news digest: August 27, 2014—RethinkDB 1.14, Nokia DVLUP dies, Netflix threat modeling tools

RethinkDB 1.14 released Version 1.14 of the RethinkDB open-source distributed JSON database has been released with more than 50 new enhancements. RethinkDB ecosystem engineer Josh Kuhn announced the release in a blog post, explaining that 1.14 is the first RethinkDB release that doesn’t require data migration. Some of the main upgrades and new features include: … continue reading

SD Times news digest: August 22, 2014—Microsoft’s DocumentDB and Azure Search-as-a-Service, Kivy library, and EngineYard’s PouchDB

Microsoft announces DocumentDB and Azure Search-as-a-Service Microsoft has announced several services for its Azure cloud platform, including DocumentDB, a fully managed NoSQL document database service. Blog posts from Microsoft Azure product marketing director Vibhor Kapoor and Azure senior program manager Ryan CrawCour detail the new services, which in addition to the NoSQL service feature Azure … continue reading

OpenSSL issues nine software fixes for encryption scheme

The popular OpenSSL encryption scheme underlying much of the Web’s security protocols is finally turning a corner. With Heartbleed now well behind it, the open-source SSL/TLS security protocol released a project road map laying out its short- and long-term goals, and it has issued nine security fixes to the encryption scheme. In a Security Advisory, … continue reading

From the Editors: Be the secure manager

It’s a mess out there. OpenSSL was compromised. The U.S. government is in your database. Cats and dogs living together; mass hysteria! But there is a solution. You, as a software development manager, hold the keys to making sure your software is secure. You hold the keys to making sure your infrastructure is secure. You … continue reading

The secure software development life cycle

Even with all we know about cross-site scripting and SQL injections, these attacks on servers remain pervasive. Part of that is due to the fact that security technology (firewalls, signatures, past definitions) was not focused on these types of attacks. Another part is that developers have not embraced security as something that is their concern. … continue reading

Security is front and center for developers

When it was announced on June 8 that OpenSSL was vulnerable to a dangerous new attack that could reveal security certificates to an attacker, the Internet spent a few days in panic mode. Thousands, if not millions, of sites used (and still use) OpenSSL, and the fix for the problem took a few days to … continue reading

SD Times news digest: July 28, 2014—Samsung Z Tizen phone delays, HiVE encryption, a wearable programming toy, and EMMS 4.0

Samsung indefinitely postpones launch of Tizen-powered Samsung Z It’ll be a bit longer before we see a Samsung phone running Tizen OS. Samsung announced it is delaying sales of the Samsung Z smartphone, the company’s first device running Tizen, the rival mobile platform to Android and iOS. Samsung canceled a developer conference in Russia where … continue reading

Ad will close in seconds
Continue to site
HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!