Containers are shaping the way organizations are developing and managing applications nowadays. However, many are not always fully aware of the measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security aspects. The mindset of securing our...
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.
Code reuse kills - software quality, that is, according to a new study of C++ code snippets shared on Stack Overflow that were reused in more than 2,800 GitHub projects. But there's help for organizations that want to support their developers' urge to cut and paste prewritten code snippets.
Software is no longer delivered on a CD-ROM with occasional updates. Software delivery has become a continuous process for SaaS, mobile and desktop apps with technology suppliers woven in. Open source, service provider APIs, and of course cloud are all woven in and changing continuously.
What value is a point in...
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
The recent exposure of customer data on the website of Singapore Airlines as a result of a software bug is further evidence of the persistent challenge of adequately addressing security during the development stage.
Open source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risk. Vulnerabilities in components are a hidden cost of free software. And their widespread use creates opportunities for attackers looking to exploit the most possible victims by...
Open source usage has become a mainstream practice - it's impossible to keep up with today's pace of software production without it. The rise in open source usage, however, has led to a dramatic rise in open source vulnerabilities, demanding that development and security teams address the rapidly evolving issue of...
The ins and outs of open source security all in one comprehensive guide.
Download this joint report by Microsoft and WhiteSource in order to learn more about:
The difference in finding & fixing vulnerabilities in open source components opposed to proprietary code;
How to grasp the unique challenges of open source...
In September 7th, 2017 Equifax announced a data breach which exposed financial and personal data of 44% of the U.S. population, as well as numerous individuals in the United Kingdom and Canada.
Read this white paper in order to understand and learn:
The root cause of this breach;
How detection and remediation of...
In 2017, applications rolled out the welcome mat to malicious hackers, topping the list of successful external attack targets. Why? Developers continue transitioning from perfect to fast to provide unique customer experiences, and there aren't enough security pros to maintain manual application security review...
Open source adoption has exploded, and with it come new risks. High-profile security incidents like HeartBleed, as well as the Equifax breach, have highlighted their impact.
Download the report by 451 Research and learn more about:
The risks of adopting open source components and how these affect application and...
The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel. The breach alert follows a recent GAO report warning of serious cybersecurity shortcomings in U.S. weapon systems.
Building Security in Maturity Model, BSIMM: What is it and How Your Organization Can Leverage the Data
Do you ever wonder whether your software security program is the correct one for your organization? You spend time and money on processes, technology, and people. But how do you know whether the security efforts...
Benchmarking your software security initiative can tell you if you are keeping pace with your peers, or if you should accelerate your efforts to rise above the competition. The results of a benchmarking assessment can help you identify new security strategies and prioritize scarce resources to be most effective....
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
