Topic: security

Snyk acquires real-time semantic code analysis provider DeepCode

Snyk is looking to bolster its security platform with the acquisition of DeepCode, a provider of real-time semantic code analysis. Through its AI-powered platform, DeepCode is able to assist developers with app quality and security. According to Snyk, the addition of DeepCode will add to its existing open-source security, container security and infrastructure as code … continue reading

SD Times news digest: Windows app development updates, GitLab 13.4, and the Auth0 Marketplace

Microsoft has announced new ways for Windows developers to build applications. The company announced it is working on a unified app platform that will enable developers to leverage new and existing code.  With Project Reunion, the company is working to unify access to Win32 and UWP APIs. “We will provide a common platform for new … continue reading

Putting developers into application security

Making security easy for developers, in their preferred tools, while still generating reports for the CISO is a challenge many organizations face today, when the reality is that late-stage security approaches can’t plug vulnerabilities deep within applications. Yet putting the onus squarely on developers is a gamble, as many aren’t knowledgeable about certain kinds of … continue reading

SD Times news digest: erwin launches new cloud migration and data governance suite, Atlassian Ventures, and Instaclustr for Redis

erwin has annoucned the launch of a new cloud migration and data governance suite. The new suite, erwin Cloud Catalyst, helps organizations quickly and safely migrate their data from legacy, on-premise databases to the cloud and then govern those data sets throughout their lifecycle. erwin Cloud Catalyst is comprised of erwin Data Modeler (erwin DM), … continue reading

Sonatype and NeuVector partner to centralize container and open source security

Sonatype, the company that scales DevOps through open source governance and software supply chain automation, and NeuVector, the leader in full lifecycle container security, today announced a new integration that provides a comprehensive view of all Kubernetes and Container open source risk in one place. The use of Kubernetes and Containers has skyrocketed in recent years. … continue reading

SD Times news digest: Slash GraphQL, Snyk closes $200 million round of funding, and DataStax introduces Indexing for Apache Cassandra

GraphQL database company Dgraph has announced the release of Slash GraphQL, a fully-managed GraphQL backend service for building GraphQL apps. According to the company, SlashGraphQL features custom logic and access to remote HTTP endpoints, the ability to run graph queries, integration with remote GraphQL servers, and more.  “Dgraph is unique: it’s the only native GraphQL … continue reading

A guide to security tools

Sonatype: The company’s Nexus Platform automatically enforces open-source governance and controls risk across every phase of the SDLC. Fueled by Nexus Intelligence which includes in-depth security, license, and quality information on millions of open-source components across dozens of ecosystems, the platform precisely identifies open-source risk and provides expert remediation guidance, empowering developers to innovate faster. … continue reading

How does your company help make applications more secure?

Brian Fox, CTO of Sonatype:  Today, more than 1,200 companies rely on the Nexus platform to unite software developers, security professionals, and IT operations on the same team so they can continuously identify and remediate open-source risk, without slowing down innovation. When speed is critical, Nexus ensures that controls keep pace and that innovation prospers. … continue reading

Closing the (back) door on supply chain attacks

Security has become ever more important in the development process, as vulnerabilities last year caused the 2nd, 3rd and 7th biggest breaches of all time measured by the number of people that were affected.  This has exposed the industry’s need for more effective use of security tooling within software development as well as the need … continue reading

Security Compass introduces Balanced Development Automation to tackle DevOps security

Security Compass introduced the new DevOps tool category Balanced Development Automation (BDA) in order to empower organizations to build secure digital products without compromising time to market. According to the company, development teams usually have to choose between “fast and risk” or “slow and safe.” BDA aims to improve processes that are manual, inconsistent, silo … continue reading

SD Times news digest: WhiteSource supports Microsoft VS Code Editor, Microsoft’s Zero Trust deployment guide, and Google’s steps on OAuth 2.0 flows

WhiteSource has announced it will now integrate with Microsoft Visual Studio Code Editor. According to the company, the integration gives Visual Studio Code developers visibility and security alerts on problematic open-source components while continuing to develop within their preferred development environment. “Integrating security testing pre-build allows issues to be detected earlier when they are easier … continue reading

Microsoft reveals new cybersecurity issues in a remote world

Microsoft has released new data to show how the pandemic is accelerating the digital transformation of cybersecurity. According to the data, 58% of respondents report that they have increased their security budgets due to COVID-19, 82% plan on adding more security staff, and 81% feel pressure to lower security costs.  “The role of security in … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!