The Open Worldwide Application Security Project (OWASP) announced the launch of OWASP CycloneDX version 1.5, a new standard in the Bill of Materials (BOM) domain that specifically targets issues of transparency and compliance within the software industry. CycloneDX v1.5 goes beyond established standards, by introducing ML transparency (ML-BOM), Formulation (MBOM), and enhanced support for SBOM … continue reading
BOSTON – June 27, 2023 – Mendix, a Siemens business and global leader in modern enterprise application development, today announced the general availability of Mendix 10, the most powerful release of the industry-leading low-code platform. Mendix 10 introduces a host of innovations that empower organizations to meet the unprecedented demand for software by enabling shifts in enterprise-wide digital solution delivery. Organizations across all … continue reading
The confidential cloud computing company Fortanix unveiled Fortanix Confidential Data Search. This high-performance solution allows for secure, scalable searches within encrypted databases holding sensitive data, without jeopardizing the data’s security or violating privacy regulations. According to the company, presently, the market predominantly offers encrypted data search solutions that rely on intricate and costly cryptographic methods, … continue reading
The newly announced Security in Jira for Jira Software Cloud is aimed at helping organizations prioritize security more effectively by providing software teams with visibility into the security issues that need to be resolved. In collaboration with partners like Snyk, Mend, Lacework, Stackhawk, and JFrog, Atlassian is equipping teams with the means to tackle security … continue reading
Wind River unveiled its latest offering, the Wind River Studio Linux Security Scanning Service. This service, designed specifically for embedded Linux development, offers high-quality scanning capabilities to detect and identify Common Vulnerabilities and Exposures (CVEs) and is currently accessible to users free of charge. The new service goes beyond detection and also provides information on … continue reading
OpenAI announced that it is launching the Cybersecurity Grant Program, which is a $1 million initiative to boost and quantify AI-powered cybersecurity capabilities and to foster high-level AI and cybersecurity discourse. The company aims to collaborate with security professionals worldwide in order to shift the balance of power in cybersecurity. Their strategy involves leveraging AI … continue reading
Red Hat Service Interconnect, which can simplify application connectivity and security across platforms, clusters, and clouds, is now generally available after being announced at Red Hat Summit. The solution is based on the open-source project Skupper.io, which enables secure communication across Kubernetes clusters with no VPNs or special firewall rules. According to Red Hat, application … continue reading
InfluxDB announced expanded time series capabilities across its product portfolio with the release of InfluxDB 3.0, the company’s rebuilt database and storage engine for time series analytics. “InfluxDB 3.0 is a major milestone for InfluxData, developed with cutting-edge technologies focused on scale and performance to deliver the future of time series,” said Evan Kaplan, CEO … continue reading
GitLab announced that it has been expanding support for Code Suggestions, has added a new level of visibility with Value Stream Dashboard, and has added a new and improved license compliance scanner along with license approval policies. The company’s aim behind the improvements is to help fill the skills gap since security engineers are outnumbered … continue reading
Application security testing company GrammaTech and AppSecOps company ArmorCode have announced a technology integration partnership geared at helping users automate product security across development, testing, feedback, and deployment. With the GrammaTech CodeSonar static application security testing (SAST) platform, ArmorCode users gain improved safety and security vulnerability intelligence for integrating application security capabilities into CI/CD pipelines. … continue reading
In today’s digital age, ensuring secure authentication at your organization is more crucial than ever. With the increasing prevalence of cyber attacks, data breaches, and identity theft, it is imperative for businesses to implement robust security measures to protect their sensitive information and assets. Passwords are still the leading cause of security breaches, and we’ll … continue reading
Tython is an open-source Security as Code framework and SDK that is geared towards building security design patterns as-code. It takes an architectural approach to cloud security, supports the user’s choice of programming language, and removes vendor lock-in. With Tython, customers can design reusable security references architectures as-code with pre-built blueprints so that they don’t … continue reading
