About ten years ago, GitHub embarked on a journey to create a platform that brought together the world’s largest developer community. Now that the company believes it has reached its initial goals, it is looking to the future with plans to expand the ecosystem and transform the way developers code through new tools and data. … continue reading
A new company is exiting stealth mode today with a mission to help organizations protect their cloud and microservices applications. ShiftLeft is an application-specific cloud security provider designed to secure cloud apps as part of the continuous integration pipeline rather than tackling threats as they are discovered in production. According to the company, while the … continue reading
Microsoft is giving engineers and developers a way to combat memory corruption issues with the release of VulnScan. VulnScan was created by the Microsoft Security Response Center after receiving a number reports about potential product vulnerabilities. “In practice, a significant proportion of these reports turn out to be memory corruption issues. In order to root … continue reading
Building end-to-end security into the software development process from the requirements phase through code delivery to production, is easier said than done. Often companies only run a few security tests and activities. That’s no longer good enough. In today’s environment it’s necessary to use multiple techniques to scour the entire software development lifecycle (SDLC) from … continue reading
Just weeks after releasing its commercial Go programming language distribution, ActiveState is taking on a new language. The company announced the beta release of ActiveRuby, its commercially supported Ruby distribution. ActiveRuby is based on Ruby 2.3.4, and provides easy installation, and features for the development and deployment of Ruby apps. “For enterprises looking to accelerate … continue reading
Machine learning brings new opportunities in the software security realm by offering new ways to handle data, detect malware and improve solutions. However, the problem with machine learning today is that it can be marketed as a silver bullet to catch all things in the security industry, when in reality the technology still has many … continue reading
Microsoft is releasing a new tool that uses artificial intelligence to find and detect software bugs. The Microsoft Security Risk Detection tool, previously known as Project Springboard, will be available by the end of the summer. “The tool is designed to catch the vulnerabilities before the software goes out the door, saving companies the heartache … continue reading
A new GraphQL server is now available for all Node.js frameworks. Apollo Server is a open-source GraphQL server that is community-maintained and works across: Express, Connect, Hapi, Joa, AWS Lambda, Restify and Micro. The Apollo team announced version 1.0 of the server this week. It is built for the community, for simplicity and for performance. … continue reading
Distil Networks is protecting the web from malicious bots with its newly announced Bot Defense for API solution. Bot Defense is designed to prevent malicious bots from accessing the API servers powering public-facing websites and mobile apps. “While usage of APIs to drive web and mobile apps is exploding, the security of those APIs remains … continue reading
If you’re like many organizations with data security concerns, you probably believe your automated tests are sufficient to catch any potential security or privacy vulnerabilities. The scenario is familiar: You’re streaming data from multiple sources into your SEIM systems, and you’ve configured triggers for the reporting process. You keep a close eye on results from … continue reading
Software containers are indisputably on the rise. Developers looking to build more efficient applications and quickly bring them to market love the flexibility that containers provide when building cloud-native applications. Enterprises also benefit from productivity gains and cost reductions, thanks to the improved resource utilization containers provide. Some criticize containers as being less secure than … continue reading
Artificial intelligence is getting more advanced, and beginning to give technologies the ability to do things we never could have imagined years ago. Machines can translate for us, they can talk back to us, they can listen to us, and they can even automate some of our tasks for us. But as technology begins to … continue reading