WhiteSource has renamed itself Mend as the company pushes beyond software composition analysis to become a broad application security platform with automated remediation. The name WhiteSource didn't have any negative connotations when the company was founded, but some people today find it offensive.
The Linux Foundation and the Open Source Security Foundation have put forth a nearly $150 million investment plan, spread across two years, to strengthen open-source security in the U.S. The plan was announced at the Open Source Software Security Summit II in Washington, D.C., on Thursday.
Observability initiatives are currently top of mind for many DevOps teams. In today's world of complex, distributed, hybrid cloud applications, improved visibility and application performance is crucial to ensuring a great digital experience for customers. Learn why observability matters for your team and what to...
According to a recent survey conducted by Noname Security, 41% of
organizations experienced an API security incident in the last 12 months and
63% of the incidents involved a data breach or data loss. Filip Verloy, technical
evangelist, EMEA at Noname Security, says that “tighter integration of API
security...
In light of research saying 41% of organizations had an API security incident in the last year and 63% of the incidents involved a data breach or loss, Filip Verloy of Noname Security discusses how tighter integration of API security testing and other "shift left" strategies can mitigate breaches.
When it comes to vulnerabilities, what you don’t know can hurt you. Just because a system doesn’t have any known vulnerabilities, it does not mean it is secure. There are almost infinite possibilities for input into a product, and any one of them might lead to an undiscovered security flaw. In this guide, we...
Global research: Security leaders’ priorities for cloud integrity, the talent gap and the most urgent attack vectors.
Our global survey finds that security organizations face more — and more serious — challenges than ever. Exacerbated by the pressures of the pandemic, the rise of dangerous avenues of attack...
FedRAMP compliance for a software as a service (SaaS) vendor is challenging at scale. The only way to force multiply your security effort is to use cloud native technology. Datadog in particular has some unique concerns with regard to securing customer data. Join this session to learn exactly how they maintain...
The bad guys are out there, watching and waiting for an opportunity to strike. They are gathering information about your organisation and users, devising the perfect plan to infiltrate your defences. What if you could see your organisation through the eyes of an attacker?
Attend this webinar to learn:
The...
You can see it in the headlines: Apps are a prominent vector for adversaries to get entry into organizations and access to the digital crown jewels.
Daniel Shugrue of Digital.ai tells why "shift left" means far more than just testing software for vulnerabilities.
In an interview with Information Security Media...
You can see it in the headlines: Apps are a prominent vector for adversaries to get entry into organizations and access to the digital crown jewels. Daniel Shugrue of Digital.ai tells why "shift left" means far more than just testing software for vulnerabilities.
Jeff Williams, co-founder and CTO of Contrast Security, says people have a right to know if the products they use are secure. It's difficult to tell if software is secure, he says, so companies need incentives to build good security programs, improve their software and disclose any flaws they find.
Fresh from the Log4j mitigation sprint, enterprises now find themselves confronting cultural barriers between application development and security. Larry Maccherone of Contrast Security shares insight on how to tear down these walls and incentivize new behaviors.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.