AWS has added four new controls to S3 to help prevent leaks. Amazon S3 buckets and objects are private by default, but settings can be changed that make them public. “We want to make sure that you use public buckets and objects as needed, while giving you tools to make sure that you don’t make … continue reading
At the Infosecurity North America conference in New York City this week, a group of security executives from various organizations came together to talk about the key features of successful security awareness programs. All panelists stressed the importance of developing a strategy that is tailored to their individual organization. Matt Nappi, CISO at Stony Brook … continue reading
Cloud monitoring company SignalFx has revealed SignalFx Microservices APM, which is a new application performance monitoring solution designed for DevOps teams. The solution is built on top of the company’s streaming analytics platform, giving it access to power data analytics. “The world happens in real-time and if something goes wrong, finding problems minutes later just … continue reading
Open-source software forms the backbone of most modern applications. According to the 2018 Black Duck by Synopsys Open Source Security and Risk Analysis Report, 96 percent of the 1,100 commercial applications that the company audited for the survey contained open-source components, with each application containing an average of 257 open-source components. In addition, on average, … continue reading
Infosys has released what it calls a enterprise-class integrated DevOps platform into open source. According to the company’s Chief Operating Officer Pravin Rao, “enterprises pursuing digital transformation require Agile and DevOps at scale to rapidly adopt new technologies, transform legacy systems and respond swiftly to new requirements.” The Infosys DevOps Platform is meant to address … continue reading
Graph database solution provider Neo4j has closed an Series E round of funding at $80 million. This brings the company’s total growth funding to $160 million since 2007. The funding will be used to help the company power business applications with graph databases as well as increase the product to support popular use cases such … continue reading
Application security threats continue to increase in sophistication and number as the technologies that enable them do as well. There have been reports of a 12 percent increase in banking trojans. Twenty-three percent increase in spyware. Twenty-two percent increase in botnets and other crypto mining malicious apps. While there are tools and technologies available to … continue reading
The rise of microservices and serverless applications has enabled developers to build apps at scale and with less complexity at lower costs. But these new modern apps also come with a new set of issues and problems developers have to be concerned about. Data Theorem today announced new automated API solutions aimed at addressing threats … continue reading
As many as four out of five companies leveraging a DevOps approach to software engineering do so without integrating the necessary information security controls, underscoring the urgency with which companies should be evaluating “Rugged” DevOps (also known as “shift left”) to build security into their development life cycle as early as possible. Rugged DevOps represents … continue reading
Today’s companies must become software companies to keep pace with competitive pressures and customer demands. As organizations become increasingly software-enabled, their footprints are extending out to cloud environments and the Internet of Things (IoT), increasing application complexity and the associated risks. With Synopsys, software teams can avoid the usual trade-offs between faster time-to-market imperatives, security … continue reading
Serverless security provider Protego is offering a new version of its platform to help enterprises adopt serverless. The free starter plan will feature full functionality, protection for up to one million invocations and 30 days of data retention. “More and more companies are looking to capitalize on the benefits of serverless computing without putting much … continue reading
Microsoft kicked off its Ignite conference this morning with a boatload of announcements primarily around three themes: IT security, AI and data, and IoT and edge computing. With cyberattacks continuing to harm organizations around the world, Microsoft announced Secure Score, a report card for assessing their current state of security as well as making recommendations … continue reading