Topic: security

Google introduces multi-language, cross-platform cryptographic library

Google wants to ensure developers have the tools necessary to protect user data with the open-source release of Tink. This new project is a multi-language, cross-platform cryptographic library designed to ship secure cryptographic code. “At Google, many product teams use cryptographic techniques to protect user data. In cryptography, subtle mistakes can have serious consequences, and … continue reading

SD Times news digest: New two-factor authentication approach, The LF Deep Learning Foundation and Linux 4.19-rc1

Researchers from the University of Alabama at Birmingham have announced a new two-factor authentication method that uses wearables and speech signals. The method “Listening-Watch” uses wearable devices such as smartwatches, activity trackers, and browser-generated speech sounds to perform two-factor authentication. “Listening-Watch offers two key security features,” said Nitesh Saxena, professor in the UAB College of … continue reading

Semmle emerges with new approach to software engineering analytics

Semmle is making its global debut today with a new solution that could help speed up the development of secure software code. The company’s software analytics platform includes a “Looks Good to Me” solution as well as a query engine for preventing software mistakes. In addition, the company is launching with a $21 million series … continue reading

SEI CERT releases open-source Source Code Analysis Laboratory for pinpointing vulnerabilities

The Software Engineering Institute’s (SEI) CERT Division at Carnegie Mellon University released an open-source static analysis aggregator/correlator this week. Source Code Analysis application (SCALe) is designed to find vulnerabilities in application source code via multiple, independent static analysis tools. Compatible with any source code language, this public release of SCALe provides alerts based on two … continue reading

TLS 1.3 approved and released with improved encryption and speed

The Transport Layer Security (TLS) protocol, an integral technology in end-to-end data protection, has been updated to version 1.3 this month with improvements to security, performance, and stripping some insecure optional features from the previous version 1.2. According to the Internet Engineers Task Force (IETF), TLS 1.3 introduces improved encryption during the negotiation handshake stage … continue reading

SD Times news digest: Android Pie SDK, Contrast Security’s free DevSecOps solution, and Status partners with Nim

Following this week’s announcement of Android 9 Pie, Google is releasing a new Android SDK that offers more Kotlin features. According to the company, Android developers often run into problems with the Java programming language when accessing a null reference. Kotlin addresses this problem by providing nullable and non-nullable types in the type system, the … continue reading

SD Times news digest: Xamarin support for Android 9.0, Google’s tips for developing Actions, and Siemens’ low code acquisition

Xamarin has announced support for Android 9.0 in the latest preview release of Xamarin.Android for Visual Studio 2017 and Visual Studio for Mac. The download is available today in the Visual Studio Preview channel and Visual Studio for Mac Beta channel. New features introduced in Android P include display cutout, notification enhancements, indoor positioning, and … continue reading

GitHub announces new account security and recovery practices

GitHub wants to improve security with new capabilities and best practices for account security and recoverability. The company announced it will be enforcing more secure passwords by creating its own version of the project HaveIBeenPwned.com, which users could use to check for passwords that were found in available sets of breach data. The dataset is … continue reading

SD Times news digest: Yale looks at modern cybersecurity challenges, LG AI research lab and GitHub Desktop 1.3

Yale University is releasing a new report on the challenges and problem areas of cyber risk in today’s modern world. The report is based off of discussions from the second annual Yale Cyber Leadership Forum in April. The forum looked at the divide between the law, technology, and business communities as well as focused on … continue reading

PureSec serverless security platform leaves beta, enters general availability

PureSec is broadening the scope of its cloud security offerings with today’s announcement that PureSec Serverless Security Platform is now generally available after the end of its beta period, which started in April. “The adoption of serverless architectures on cloud providers like AWS Lambda and Microsoft Azure is growing exponentially, at an estimated rate of … continue reading

SD Times news digest: Oracle Blockchain Cloud, McAfee MVISION and Anaconda Enterprise 5.2

After a successful early-adopter phase, Oracle has announced its Oracle Blockchain Cloud Service is now generally available. The service is a platform for developing digital blockchain networks with hooks into Oracle’s PaaS and SaaS cloud and on-premises applications. “Oracle Blockchain Cloud Service provides customers with a development platform to build their own networks, and to … continue reading

SD Times news digest: TypeScript 3.0 RC, Microsoft Teams, GitHub’s security alerts for Python and Bootstrap 4.1.2

Microsoft is one step closer to TypeScript 3.0 with the latest release candidate of the JavaScript superset programming language. TypeScript 3.0 RC features project references, extracting and spreading parameter lists with tuples, richer tuple types and support for React’s defaultProps. According to the company, the biggest feature it worked on for this release is the … continue reading

DMCA.com Protection Status