Topic: vulnerability

DeepCode reveals the top security issues plaguing software developers

DeepCode has revealed the most important bugs as well as the top security vulnerabilities. The analysis comes from the company’s AI-powered code review tool, which analyzed hundreds of thousands of open-source projects to narrow down the vulnerabilities that happen with the most frequency.  According to the analysis, file I/O corruptions are the biggest general issue … continue reading

SD Times news digest: VMware’s acquisition of Pivotal, GitHub Enterprise on AWS Marketplace, and security patches for Git vulnerabilities

VMware announced that it completed the acquisition of Pivotal Software, a cloud-native platform provider. “We believe that modern application development solutions and practices need to be easily accessible to everyday enterprises across the globe. With Pivotal’s developer capabilities as the foundation, we’ll focus on delivering consumable, enterprise-ready cloud native offerings to customers to help them … continue reading

Npm finds binary planting bug and urges users to update

The JavaScript package manage provider npm has found a security vulnerability that can open access to arbitrary files on a user’s system. According to the company, npm versions prior to 6.13.4 made it possible for a globally-installed package to overwrite an existing binary in the target location. Npm is recommending an to update to npm … continue reading

Google introduces invisible reCAPTCHA, beta launch of Cloud Functions for Firebase, and Kaggle joins Google Cloud—SD Times news digest: March 10, 2017

Google is taking reCAPTCHA one step further by making it invisible. Now, human users will be let through without seeing the “I’m not a robot” checkbox, and bot and suspicious users will have to solve challenges that use Google’s risk analysis algorithms. The advantage of reCAPTCHA is its enhanced security, according to Google. It’s a … continue reading

SecurityScorecard: Device owner awareness can improve operating system security

There is an ongoing debate as to which popular operating system is more secure. Despite recent claims that Android is more secure than iPhone, any computing device is only as secure as the information security practices maintained by the device owner, according to an expert from SecurityScorecard. While it is true that Android’s “open-source” operating … continue reading

HPE Security Fortify report finds application security is lacking in DevOps processes

The adoption of DevOps is transforming how companies deliver software, but this shift toward agility and Continuous Delivery is exposing some gaps that persist in application security. A majority of security teams and developers agree that adopting DevOps into their culture can improve application security, but only a small portion of them actually do application … continue reading

Veracode’s State of Software Security Report, Symphony Software Foundation’s Open Developer Platform, and DevExpress open-sources TestCafe—SD Times news digest: Oct. 18, 2016

Veracode today released its findings from its annual State of Software Security Report, which revealed that the persistent use of components in software development is creating unmanaged risk. The report also found that companies can benefit if they accelerate their application security programs. Veracode found that a single popular component with a critical vulnerability spread … continue reading

New Google Play developer features, Toyota Research invests in AI, FreeBSD vulnerabilities, and Swordphish’s public beta—SD Times news digest: August 11, 2016

Google is giving Android developers new ways to stay informed about their apps. The company is updating the Google Play Developer Console app with new features for reviews and experiments. “With over one million apps published through the Google Play Developer Console, we know how important it is to publish with confidence, acquire users, learn … continue reading

Dependency CI reviews potential vulnerabilities for open-source projects

The founder of an open-source library discovery service launched a new project today that can continuously test open-source dependencies for potential vulnerabilities and other issues. The project is Dependency CI, an open-source tool that integrates directly into a GitHub workflow just like other CI systems. It runs a set of configurable tests on any dependency … continue reading

Google’s machine learning chip, Apache Software Foundation’s new executive director, and the SBRA developer portal—SD Times news digest: May 19, 2016

There have been plenty of announcements coming out of Google I/O this week, and yesterday, Google said that one of its projects that was created years ago is helping it accomplish its own custom accelerators for machine learning applications. The result of that project is called a Tensor Processing Unit (TPU), which is a custom … continue reading

PostgreSQL 9.6 beta, SyntaxNet goes open source, and Mozilla files a motion with U.S. District Court—SD Times news digest: May 13, 2016

The first beta release of PostgreSQL 9.6 is ready for download, containing previews of all the features that will become available when the final version is here. The PostgreSQL Global Development Group is encouraging its users to begin testing their applications against this new release. New changes and enhancements include parallel sequential scans, joins and … continue reading

Report: FBI hacked into encrypted iPhone, and Apple wants to know how

The Apple and FBI battle over the encrypted iPhone was believed to be over when the FBI announced on Monday that it managed to unlock the San Bernardino shooter’s phone. But Apple wants to know how the agency was able to get through its security features, and so the battle continues. The Los Angeles Times … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!