The number of reported vulnerabilities found in open source software more than doubled in 2019 to almost 1,000, with projects such as Magento, GitLab, and Jenkins posting the largest increases, according to security firm RiskSense.
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
In an interview with Information Security Media Group's Tom Field, Rose...
Software development teams are often overloaded with security-related data, that hinders delivery speeds and security integrity.
In this virtual session, we will discuss and learn:
The importance of application security testing solutions.
How testing leverages automation to produce high-quality findings and...
To achieve better network visibility, security practitioners must improve their knowledge of tools that support web services, containers and the evolution of development practices, says Ed Moyle, co-founder of the cybersecurity advisory firm Security Curve.
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
Many governments are pursuing contact-tracing apps to combat COVID-19, but such projects risk subjecting populations to invasive, long-term surveillance - as well as insufficient adoption - unless they take an open, transparent and as decentralized approach, says cybersecurity expert Alan Woodward.
The root cause of many successful cyberattacks lies primarily in
vulnerable software itself. The real question that needs to be asked
is, "Can the industry do a better job of writing more-secure code,
making software applications nearly impenetrable to cyberattacks?"
What's making your software essential to your...
As businesses face pressure to release software faster, security is unfortunately not keeping pace, says Anthony Bettini of WhiteHat Security, who reviews DevSecOps challenges.
RSA 2020 touched on a number of topics, including the security of elections and supply chains, plus AI, zero trust and frameworks, among many others. But from sessions on cryptography, to this year's lower attendance, to the antibacterial dispensers dotted around venues, concerns over COVID-19 also dominated.
Software development over the past decade: The good news is that more organizations than ever have secure software development practices in place, says Chris Eng, chief research officer at Veracode. But the bad news is that many of the same flaws - including injection vulnerabilities - persist.
Containers are becoming more popular, but how do you deal with the security challenges of using containers?
You have to secure the application, the code, the web server and the host itself.
And how do you do this at the speed of DevSecOps?
Join Tim Chase, Director of Information Security at Healthstream, as he...
DevSecOps has taken the world by storm. Ever since the DevSecOps philosophy stepped into the limelight in the past few years, a growing number of organisations are trying to ensure their businesses are set up with the security in mind (and practice) from the get-go.
In theory, the concept is great. In practice?...
Containers are shaping the way organizations are developing and managing applications nowadays. However, many are not always fully aware of the measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security aspects. The mindset of securing our...
DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal - Office of the CISO at AWS, as he discusses and shows:
How public cloud technology enables you to fully embrace security automation in your infrastructure
How...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.
