Topic: security

HCL AppScan 10 to come with improved app security testing capabilities

HCL has announced a major update to its automated application security testing and management tool. AppScan 10 is designed to provide faster and more accurate security scans, secure DevOps and help enterprises manage application security problems.  “AppScan V10 is another example of HCL Software’s commitment to unlocking new value in a battle-tested product that thousands … continue reading

premium The cloud security triptych

I’ve previously written about the “Three T’s” of shifting security left: training, tools, and teamwork. In this blog, we’re going to delve down a level and look at some of the tools needed to shift left, what they do, and where in the software lifecycle they belong. The lifecycle question is important to think about … continue reading

SD Times news digest: .NET 5 Preview 1, TigerGraph 3.0’s no-code capabilities, and Axis Security emerges from stealth

Microsoft released .NET Preview 1, which is scheduled for a general availability release in November.  Preview 1 includes support for Windows ARM64 for the first time and also the .NET Core runtime. Microsoft said it expects Preview 2 to include the SDK (ASP.NET Core but not WPF or Windows Forms). Some of the high-level goals … continue reading

Auth0 releases new threat intelligence tools as part of Apility.io acquisition

Auth0 announced Auth0 Signals, a collection of threat intelligence tools and product capabilities designed to protect customers from identity attacks. The release coincides with the company’s acquisition of anti-abuse company Apility.io. According to the company, the acquisition will provide a crucial source of IP threat intelligence to it’s Anomaly Detection engine, which detects malicious and risky … continue reading

SD Times news digest: Rust 1.42.0, Microsoft releases patch for critical security bug, and Sonatype expands support for open-source security and governance

Rust 1.42.0 includes more useful panic messages when unwrapping, subslice patterns, the deprecation of Error::description, and more. Additionally, Rust said it is downgrading 32-bit targets to Tier 3 support by the project, since Apple no longer supports it either.  More details on the language update are available here. Microsoft releases patch for critical security bug … continue reading

FSF reveals plans to build a public code hosting and collaboration platform

The Free Software Foundation (FSF) announced plans to launch a public code hosting and collaboration platform (“forge“) this year.  Members of the FSF tech team are currently reviewing ethical web-based software that will help teams work on their projects, with features like merge requests, bug tracking, and other common tools. “Infrastructure is very important for … continue reading

SD Times news digest: Claris Connect, Snyk announces new collaboration for keeping software secure, and MongoDB’s App Modernization Guide

Claris launched Claris Connect, a workflow automation platform designed for the real-world challenges of SMBs.  “The right path to being cloud-first is to be cloud smart,” said Brad Freitag, CEO of Claris. “That means giving problem solvers all the power of the cloud – sharing, rapid deployment, scalability – without losing connection to the real … continue reading

Security – Just Another Aspect of Quality

Programmers err as much as any of us — between 15 and 50 errors per 1,000 lines of code to be more exact. QA tests for these bugs, attempting to ensure that releases are as bug-free as possible. Customers who trust their operations to software won’t tolerate poorly written code, and teams go out of … continue reading

Focused on application vulnerabilities? You’re missing the bigger picture

In today’s era of digital transformation, every organization must focus on application security. However, focusing on security vulnerabilities alone is unwise because it’s nearly impossible to prioritize what needs to be done. “DevOps teams are sitting in front of a table with the keys to the kingdom on their computers,” said Jake King, co-founder and … continue reading

4 DevSecOps mistakes to avoid

DevSecOps isn’t just a practice, it’s a continuous learning experience. If you want to be successful faster, avoid these common misconceptions. #1: Business as usual is good enough Cybercriminals are constantly changing their tactics. If your organization’s application security practices are static, they aren’t as robust as they should be. RELATED CONTENT:  How to get … continue reading

premium Solving your data problem with customized software

Large legacy enterprises have a data problem. Decades of iterative infrastructure updates via relatively small investments have resulted in information silos scattered across different systems and in different formats. For example, a hospital may have patient records in one location and accounting data in another. All of this data is managed by different teams with … continue reading

RSA: Google Cloud security updates, Imperva advanced bot protection solution, Code42 insider threat detection, and Elastic’s integrated security offerings

In order to improve cybersecurity efforts, new tools are being released this week at the RSA Conference in San Francisco. The conference brings together top cybersecurity professionals and business leaders to discuss emerging trends and formulate the best strategies for tackling current and future threats. The new tools include solutions that speed up security testing, … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!