The importance of OAuth 2.0

“There’s an app for that,” but not all apps are created equal. Users expect there to be an endless amount of applications to make their lives easier, but they forget to take into account what kind of security measures those applications provide. In addition, these applications and services often connect to other applications and services, … continue reading

Gartner’s guide to successful DevSecOps

In a recent survey conducted by Gartner, the organization found that the highest-ranked strategy for a successful DevOps approach was collaboration with information security. “In the past 12 months at Gartner, how to securely integrate security into DevOps — delivering DevSecOps — has been one of the fastest-growing areas of interest of clients, with more … continue reading

DevSecOps: Baking security into development

Software is the lifeblood of most businesses today. So, what happens if that software is unreliable or insecure? It seems like a no-brainer that the software being pushed out should be protected. But, as software is being developed and deployed at a rapid pace, an important aspect of the life cycle gets lost in the … continue reading

Report: Developers aren’t to blame for security issues

The idea that developers don’t care about application security is a myth. A recently released report found that not only do developers take application security seriously, they take the time to find and fix vulnerabilities in their applications. “Developers want to create great code, and to them that also means code that won’t get their … continue reading

OWASP releases the Top 10 2017 security risks

The Open Web Application Security Project (OWASP) officially released its Top 10 most critical web application security risks. This is the first time the organization has updated the Top 10 since 2013. “Change has accelerated over the last four years, and the OWASP Top 10 needed to change. We’ve completely refactored the OWASP Top 10, … continue reading

GitHub releases security alerts

GitHub has announced security alerts for developers are now available. The company first announced security alerts at the GitHub Universe conference last month. The new solution is designed to detect vulnerable dependencies, alert affected repositories, and suggest known fixes. The security alerts are a part of the company’s recently announced dependency graph, which enables developers … continue reading

Microsoft uses machine learning to combat security vulnerabilities

Microsoft is applying machine learning and deep neural networks to its software security approach. The company announced a new research project, neural fuzzing, designed to augment traditional fuzzing techniques, discover vulnerabilities, and learn from past software experiences. The research is based on Microsoft’s Security Risk Detection tool that incorporates artificial intelligence to find and detect … continue reading

NodeSource survey reveals developers are slacking on security

A survey released today by NodeSource, developers of Node.js, and Sqreen, a SaaS security solution, found that while developers are fully aware of security risks associated with operating in the open Internet, they’re lax in implementing tools for threat detection and mitigation. The survey, which looked at responses from nearly 300 Node.js users — CTOs, … continue reading

Synopsys to acquire Black Duck Software

Synopsys and Black Duck Software have signed an agreement that will allow Synopsys to acquire Black Duck for approximately $565 million. Black Duck is known for its open source security and license management solutions. The acquisition is expected to close in December of this year. The transaction will be subject to Hart Scott Rodino regulatory … continue reading

Researchers add physical objects into two-factor authentication

As passwords continue to be a problem in today’s modern world, one group of computer researchers is taking a new approach to protecting the web. Researchers from Florida International University and Bloomberg have developed a two-factor authentication solution that depends on physical objects rather than code. We use passwords to unlock sensitive information such as … continue reading

How your security budget helps hackers win

When a single breach can cause untold damage to your business, from millions in losses to reputational damage, operational disruption, and lost trust, you want to align your security budget with the actual threats you face. So why does the typical company allocate less than 3% of its security budget to application security—when a full 30% of successful breaches … continue reading

Google: More of the web is protected with HTTPS

It has been over a year since Google announced its commitment to provide a more secure web with HTTPS, and today the company is announcing it is making great strides. Google is releasing its public Transparency Report to detail the progress it’s made with HTTPS usage. According to the report, 64% of Chrome traffic on … continue reading

Next Page »
HTML Snippets Powered By : XYZScripts.com