Tag: secure software development
CISA Pushes Steps to Better Secure Software and Product Designs
The country’s top cybersecurity agency is urging developers to take steps to ensure the software they’re building and the products they roll out are secure and protect end users. The Cybersecurity and ...
Can Regulatory Mandates Secure Software Development?
Software companies have a long history of delivering incomplete and insecure products. This happens for a couple of reasons. Fast time-to-market has always been a business priority, taking precedence over security, especially ...
Embracing Security by Design in Development
The number of data breaches publicly reported in 2021 far exceeded the total for 2020, making 2021 a record year. With cyberattacks on the rise and bad actors and ransomware gangs demanding ...
Prioritizing Scalability, Reliability and Security in Engineering
Cristina Buenahora Bustamante | | delivery pipeline, engineering, incident response, secure software development, SREAs digital products and services are more deeply embedded in critical industries and infrastructure and the implications of problems grow in scope, engineering organizations are renewing their focus on building platforms that ...
Tips for a Successful DevSecOps Life Cycle
A DevOps implementation, if done correctly, can do wonders for any organization that's on the hunt for efficiency, productivity and speed. As per the 2020 survey conducted by Atlassian, 99% of survey ...
JFrog Acquires Vdoo to Advance DevSecOps
Mike Vizard | | application development, binaries, DAST, devsecops, jfrog, SAST, secure software development, VdooJFrog today announced it has agreed to acquire Vdoo for $300 million in cash to gain a set of analytics tools that discover vulnerabilities in application binaries. Vdoo's scanning tools, infused with ...
Prevent False Positives From Derailing Shift Left
Walter Capitani | | application testing, SAST, secure software development, security testing, shift leftStatic application security testing (SAST) tools are designed to balance false positives (incorrect warnings) with false negatives (missed vulnerabilities) primarily because deeper analysis requires more time and computing resources. Both of these ...
GitGuardian Reports Careless Handling of Application Secrets
A new report, the 2021 State of Secrets Sprawl on GitHub, published today by GitGuardian, a provider of a tool for monitoring usage of application secrets, suggests developers are not especially good ...
How the SRE Role Is Evolving
Bill Doerrfeld | | secure software development, service reliability engineer, SRE, systems administratorIn recent years, site reliability engineering (SRE) has garnered much interest. In , LinkedIn listed site reliability engineer as the second most promising job in the United States. Now, in 2021, the ...
Continuous Security Through Developer Empowerment
Guy Podjarny | | apm, application security, continuous security, devsecops, monitoring, secure software development, SREEvery organization is embracing DevOps to one degree or another. The business impact of shipping software quickly and adapting to market needs is so immense that it has become a requirement—you’re either ...
