Tag: secure development
How Open Source Dependency and Repo Attacks Compromise DevOps Pipelines and How to Stay Safe
Alex Vakulov | | CVE, Dependency Governance, log4j, Malicious Code Injection, open source security, Package Managers, SBoM, secure development, supply chain risk, typosquattingModern applications rely on open source components for up to 90% of their code, creating a vast attack surface dominated by inhemalicious supply chain injections. High-profile incidents like Log4j and the sabotage ...
Mobile Apps Are Under Attack — And App Stores Will Not Protect You
Alex Vakulov | | App Data Breach, App Hardening, App Store Security, App Vulnerabilities, Secure App Development, secure developmentAdvanced tactics allow attackers to break into mobile apps from the inside, bypass authentication systems, and compromise sensitive user information through deepfake-powered identity fraud. ...
Ensuring Application Security from Design to Operation with DevSecOps
Alex Vakulov | | application security, devsecops, secure development, security, security testing, vulnerabilitiesSafe development is critical for any company that creates software, whether for its own use or for others. DevSecOps principles focus on automating information security processes and introducing security measures early in ...
Securing Open Source Software, the Cyber Resilience Act Way
Steven J. Vaughan-Nichols | | Cyber Resilience Act, cybersecurity standards, Eclipse Foundation, open source, Open Standards, programming, secure developmentThe Eclipse Foundation is spearheading an effort to create a unified framework for secure software development ...
