As companies across the globe race to fortify their cybersecurity defenses, they’re increasingly finding themselves navigating a complex maze when it comes to security testing. The past decade of innovation has produced an ecosystem now booming with countless tools, yet aligning these tools, and avoiding tool sprawl, is proving to have its own set of … continue reading
Google announced that it is rolling out new tools and protections to help users stay in control of their personal information, privacy, and online safety. The “Results about you” tool has been updated and enhanced, enabling users to better manage their personal contact information on Google Search. It alerts users when their contact information appears … continue reading
The developer security company Sonar has announced an update to its platform, which will make it even easier for developers to write what Sonar calls “Clean Code,” or code that is “easy to read, maintain, understand and change through structure and consistency yet remains robust and secure to withstand performance demands.” The company has added … continue reading
Synopsys is working to make it easier for security teams to align their strategy across different projects, teams, and application security testing (AST) tools. They have released the Synopsys Software Risk Manager, which brings together security testing engines with policy-driven test orchestration and vulnerability management. According to Synopsys, Software Risk Manager allows teams to centrally … continue reading
Palo Alto Networks unveiled its CI/CD Security module which aims to offer comprehensive software delivery pipeline security integrated into code-to-cloud capabilities within Prisma Cloud’s CNAPP platform. Prisma Cloud focuses on safeguarding the CI/CD environment and effectively shielding against potential open-source vulnerabilities using software composition analysis, according to the company in a blog post. “A major … continue reading
The Rust Foundation outlined many improvements to the security structure of the language and expressed its commitment to developing tools, features, and recommendations based on security research in its Security Initiative Report. The Rust advancements follow the White House’s National Cybersecurity Strategy Implementation Plan that signals a deep civic investment in more secure programming languages like … continue reading
RALEIGH, NC – July 26, 2023 – Allstacks, a leader in value stream intelligence, today announced that it has successfully renewed a Type 2 Service Organization Control (SOC 2) examination conducted by an independent auditor. The audit demonstrated that the Allstacks platform meets specific criteria for guarding the data security of its clients and their customers. SOC … continue reading
JFrog has announced the introduction of JFrog Curation, an automated DevSecOps solution designed to thoroughly inspect and block contaminated open-source or third-party software packages and their respective dependencies before they enter a company’s software development environment. JFrog Curation, which is integrated with JFrog Artifactory, uses binary metadata for the identification of high-risk packages with high-severity … continue reading
Google is always working to improve privacy and transparency in Google Play so that users can trust the place where they download all their Android apps. To that end, the company has just announced a number of updates, such as expanded developer verification requirements and new policies for developers wishing to offer blockchain-based … continue reading
With a 742% average annual increase in software supply chain attacks reported by Sonatype, application security has become a top concern for businesses. Today Vaadin is excited to announce AppSec Kit, a new Acceleration Kit designed to enhance the security of your web applications built with Vaadin. AppSec Kit is currently available for Vaadin 7 and Vaadin … continue reading
GitHub Enterprise Server (GHES) 3.9 is now available with more features that can help organizations collaborate better, gain better observability, and have faster workflows. Among its highlights are a new time-based view in GitHub Projects, as well as the ability to standardize issues with tools such as issue forms. GitHub Projects has been enhanced with … continue reading
The Open Worldwide Application Security Project (OWASP) announced the launch of OWASP CycloneDX version 1.5, a new standard in the Bill of Materials (BOM) domain that specifically targets issues of transparency and compliance within the software industry. CycloneDX v1.5 goes beyond established standards by introducing ML transparency (ML-BOM), Formulation (MBOM), and enhanced support for SBOM … continue reading