Topic: security

Google announces 2023 plans for privacy for Google Play and Android

Google prides itself on its initiatives regarding security in the Android ecosystem. Over the past year it has made a lot of strides, and now the company is detailing its plans for the upcoming year. One of the areas for improvement is opening up spaces for developers to support each other. It has opened up … continue reading

What the National Cybersecurity Strategy means for software providers

The National Cybersecurity Strategy released by the Biden Administration this week includes key recommendations that significantly mitigate software supply chain risks. Specifically, the White House recommends making software providers liable for insecure software. Until now, the U.S. government has never taken such a bold stance on liability for software products at this level. The strategy … continue reading

White House reveals new plan for how U.S. addresses cybersecurity

The White House has released a new plan for ensuring security in digital ecosystems. It hopes to “reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and an equitable and … continue reading

Puppet Enterprise 2023.0 released with NIST compliance

Puppet Enterprise 2023.0 is the latest release following 2021.7 that includes NIST compliance, the ability to authenticate users in multiple Lightweight Directory Access Protocol (LDAP) domains, adds a streamlined user interface, and more.  With NIST compliance, Puppet Enterprise 2023.0 reduces compliance risk and the risk of sensitive information being accessed. Users can customize the timeout … continue reading

SonarQube 9.9 LTS helps organizations produce clean code

SonarSource’s release of SonarQube 9.9 Long-Term Support (LTS) aims to help organizations clean their code quickly with accelerated pull request analysis, support for building and deploying secure cloud-native applications, and more.  “Our mission is to equip organizations with the solution and methodology to achieve a state of Clean Code, making all code fit for development … continue reading

Time to hide your API

The need for robust API security is growing rapidly in response to the increasing dependence of organizations on APIs for their digital operations.  With 70% of respondents to a report expecting to use more APIs in 2023 than last year, this presents a heightened challenge for API security, which only comprises about 4% of the … continue reading

Enterprises struggle with long-term exposure to security flaws

As the number of zero-day vulnerabilities continues to climb, enterprises are struggling to keep up with the long-term exposure to these security flaws. Recently, Rob Silvers, undersecretary for policy at the U.S. Department of Homeland Security and chair of its Cyber Safety Review Board, proclaimed that Log4j “is not over.” He noted that enterprises are … continue reading

2023: The Year of Continuous Improvement

March 13, 2020. Friday the 13th. That’s when a large number of companies shut their offices to prevent the spread of a deadly virus – COVID-19. Many thought this would be a short, temporary thing.  They were wrong. The remainder of 2020 and 2021 were spent trying to figure out how to get an entire … continue reading

Report: over 30% of applications contain flaws at first scan

Veracode, provider of modern application security testing solutions, today released the results of the Veracode State of Software Security 2023 report, revealing that flaw build up overtime poses a real issue for many businesses. According to the report, nearly 32% of applications are found to have flaws at the first scan, jumping to almost 70% … continue reading

The biggest security challenges of 2023

Security will continue to cause headaches in 2023. Not only will companies have to continue dealing with the normal issues like supply chain security and preventing ransomware, which they’ll continue to deal with, but a number of companies see other issues on the horizon for 2023.  Supply chain attacks are ones in which the attackers … continue reading

Microsoft launches the stable release of Spring Cloud Azure 4.5.0 with passwordless support

Microsoft announced that Spring Cloud Azure version 4.5.0 has been released and is available from Maven Central. This is the first stable version to support passwordless connections to Azure Database for MySQL and Azure Database for PostgreSQL. Spring Cloud Azure is a framework that provides a way to build cloud-native applications using Azure services. It … continue reading

Snyk closes $196.5 million funding round

Developer security company Snyk today announced a $196.5 million Series G investment. The round was led by Qatar Investment Authority with participation from new investors Evolution Equity Partners, G Squared, and Irving Investors as well as existing investors boldstart ventures, Sands Capital, and Tiger Global.  According to the company, this comes after a year of … continue reading

DMCA.com Protection Status