Docker has decided to keep your secrets. The company Friday announced that the newest release of Docker Datacenter includes security-management tools for handling what it’s labeling as “Secrets.” These include API keys, passwords and encryption keys. Docker Datacenter keeps data secure not only at rest, but also in transit. Using encryption, it offers a standardized … continue reading
The Apache Software Foundation welcomed another project to the top level this week. Apache Ranger, a Big Data security-management framework for the Apache Hadoop ecosystem, has graduated from the Apache Incubator. Apache Ranger is used by companies like ING, Protegrity and Sprint, along with a few other organizations. It offers comprehensive security coverage and native … continue reading
Businesses are still facing challenges in securing their data and applications, and a recent survey from Citrix highlights businesses’ never-ending struggle of effectively securing both data and infrastructure. In fact, Citrix found that it’s not just the security policies that are the problem; it’s the organization’s own solutions and employee devices that further complicate things. … continue reading
GitHub wants to make it easier for users to get back into their accounts after they get locked out. The company announced users can now connect their Facebook accounts with their GitHub accounts. “This will help us recover your account for certain two-factor authentication lockout scenarios,” wrote Neil Matatall, GitHub employee, in a blog post. … continue reading
Checkmarx has expanded support for Scala into its static code-analysis tool. Checkmarx now supports 20 programming languages in its security-scanning product. Scala joins a host of other popular languages, such as C#, Java, PHP, Python, and even Perl. Checkmarx Static Code Analysis, as of today, can be run against a Scala codebase to find common … continue reading
Google sent out an e-mail late last week letting people know that ClojureScript, the Clojure compiler that emits JavaScript source code, has a feature release that includes externs inference and comprehensive JavaScript module support. The release includes externs inference, which “should greatly ease the integration of third-party JavaScript libraries incompatible with Google Clojure advanced compilation,” … continue reading
Almost every modern business and application uses open-source modules. It’s misleading to spend time distinguishing between open-source and proprietary software, because modern applications include third-party software components. Many of those components are open source, and very few companies have a solid understanding of the security vulnerabilities that come with the code. The reach and impact … continue reading
It’s a scenario right out of a Bond movie. James is charging down a hallway, parkouring over bad guys, shooting everyone he sees in a mad dash to get to the glowing computer screen in a dark basement under the villain’s hideout. Inside that computer: stolen information. Maybe it’s a list of other agents. Maybe … continue reading
Veracode wants to help developers spot security defects in seconds, which led it to announce the availability of Greenlight, a product that lets developers easily scan their code while they work. Greenlight is an embedded security solution that lets developers identify and fix security vulnerabilities, and to rescan the code to make sure it has … continue reading
The HummingBad malware is back with a new variant, named “HummingWhale,” which has been found in more than 20 apps on Google Play. The malware-infected apps were downloaded several million times by users, and researchers from security company Check Point discovered the malware and notified the Google security team about the apps, which have since … continue reading
The Federal Trade Commission (FTC) recently announced a new competition that challenges the public to create a tool that consumers can use to protect their homes from Internet of Things devices. While contestants can use this opportunity to show off their skills, Flexera Software said this challenge is a “no-win situation,” and that it shouldn’t … continue reading
SmartBear Software announced TestComplete 12.2, with features like the new Environment Manager and connection to an on-demand cloud testing lab. Environment Manager is powered by CrossBrowserTesting, a division of SmartBear acquired in 2016, and it gives teams access to services provided by CrossBrowserTesting, which is a cloud testing platform with more than 300,000 users, according … continue reading
