Organizations are finding it increasingly difficult to identify dark endpoints, which not only costs enterprises millions of dollars, but also puts companies at risks for threats and attacks. According to new research from Absolute, an endpoint security company, and the Ponemon Institute, organizations are wasting over $6 million in detection, response, and wasted time. While … continue reading
Amazon Web Services (AWS) is making AWS Greengrass — a software which allows customers to run AWS compute, messaging, data caching, and sync capabilities on connected devices — available to all its customers. According to an AWS statement, AWS Greengrass “eliminates the complexity involved in programming and updating IoT devices by allowing customers to use … continue reading
Pepperdata announced a new product that identifies lines of code and stages of performance issues that are related to CPU, memory, or network and disk I/O. The Pepperdata Code Analyzer for Apache Spark provides Spark application developers with the means to find performance issues and connect them to a specific block of code within their … continue reading
There’s a new ransomware attack that has affected several organizations globally, and although it’s slow-moving, security experts are urging companies to keep their antivirus programs up-to-date, as well as their software. The ransomware — dubbed WannaCry (WanaCrypt0r 2.0/WCry) — has hit Britain’s National Health Service, some of Spain’s big companies, and has spread across Russia, … continue reading
In an effort to better protect their users, Google is giving developers new updates when it comes to publishing web applications. The company is updating the app publishing process, risk assessment systems, and user-facing consent page to detect any abnormalities and protect against spoofing or misleading application identities. In addition, the company’s risk assessment process … continue reading
Nearly every company today embraces cloud. According to the 2017 State of the Cloud Survey by Right Scale, 95 percent of organizations use cloud in some fashion. Cloud market is growing so rapidly that, according to Forrester, revenue from public cloud platforms, business services, and SaaS will grow 22 percent annually, reaching $236 billion by 2020! Evidently, cloud is the future, if not … continue reading
Flexera is reimagining its software supply chain safety by embedding open-source security directly into the software development build process. In order to keep the software supply chain secure, the company announced its new FlexNet Code Aware product, which is an automated, open-source risk assessment and package discovery solution that lets developers quickly scan products for … continue reading
Signal Sciences today announced the availability of its Signal Sciences Web Protection Platform (WPP). WPP is new platform designed to provide threat protection for web applications, APIs, and microservices on any platform. This platform launch comes on the heels of Signal Sciences’ announcement of a $15 million series B funding round led by CRV. Signal … continue reading
In order for teams to spot security problems and vulnerabilities in their code, Rogue Wave is updating its static code analysis tool with a new security report, new Java checkers, extensive updates to its CERT taxonomy, and more. Rogue Wave’s Klocwork 2017.1 is the company’s latest release, and it introduces a new built-in graphical security … continue reading
Black Duck, a company that serves up information about the latest security vulnerabilities on open source components, released its 2017 Open Source Security and Risk Analysis (OSSRA) today. The OSSRA revealed significant risks related to open-source vulnerabilities and license-compliance challenges, as well as high levels of risk in the retail and ecommerce industry. According to … continue reading
The Open Web Application Security Project (OWASP) released its Top 10 2017 project for public comment. This is the 14th year OWASP is raising awareness of security risks with its list, and it contains two major vulnerability updates, example attack scenarios, and a list of free and open resources for security-conscious developers. When Jeff Williams, OWASP … continue reading
Developers will never be responsible for all of security in an organization, but if they keep up with best practices, resources, and find new ways to secure and deliver good code, they could play a key role in developing resilient software. Today, most firms have a software security group (or SSG) or a product security … continue reading
