Report Surfaces Thousands of Potential Vulnerabilities in GitHub Workflows

An analysis of 2.5 million GitHub Actions workflow files belonging to 553,000 organizations and personal users surfaces thousands of potential…

21 hours ago

Helping Developers Build Secure APIs From the Start

Developers are already tasked with creating and managing APIs; they must also be empowered to secure them easily.

1 week ago

Survey Surfaces Lots of Software Supply Chain Insecurity

A global survey of 900 application security professionals finds nearly two-thirds work for organizations that have had their software supply…

2 weeks ago

Open-Source Software Community Riled by Yet Another CVE

Another maintainer of an open-source software project has decided to no longer actively update IP address parsing utilities used widely…

2 weeks ago

Aqua Security Shines Spotlight on Secrets Management Blindspots

A report published by Aqua Security finds that as many as 18% of secrets inadvertently exposed are not being discovered.

2 weeks ago

Most Critical Open Source Projects Lack Memory-Safe Code, CISA Says

The country’s top cybersecurity agency is continuing to urge software developers to adopt memory-safe programming languages to help reduce the…

3 weeks ago

Orca Security Adds Ability to Scan Source Code for Vulnerabilities

Orca Security this week extended the reach of its cybersecurity portfolio to include an application that scans source code stored…

3 weeks ago

Ensuring Application Security from Design to Operation with DevSecOps

Safe development is critical for any company that creates software, whether for its own use or for others. DevSecOps principles…

3 weeks ago

Datadog Extends Scope and Reach of Observability Platform

Datadog at its DASH 2024 conference added a bevy of tools and capabilities to streamline DevSecOps workflows, including integration with…

3 weeks ago

Decoding DevSecOps: Striking the Right Balance

DevSecOps has promise and pitfalls, and we need a path forward to achieve a balance between speed and security.

4 weeks ago