days
-3
-4
hours
-2
0
minutes
-4
-6
seconds
-3
-5
search

#security

Keeping your data safe

From data to decision-making: Data security in 2019

In this article, Ralf Huuck goes over his predictions for how the field of data security will shake out in the new year. What’s in store for 2019? Hopefully, more standardization within the field and less data breaches overall.

Security profiles for Java, JavaScript, Python and PHP

Which programming language is the most secure? High security vulnerabilities for Java have declined since 2015

Time to put languages to the test. Which programming languages are the most secure and which have dents in their armor? A report from WhiteSource examined security vulnerabilities in some of the most popular programming languages and looked at the trends of high security vulnerabilities over the years.

This is a security 101

Audit API security based on their OpenAPI contract

According to Gartner, by 2022 API abuse will be the most frequented attack vector on the enterprises. In this tutorial, Dmitry Sotnikov shows how you can use your API contract file to locate and remediate some of the common API vulnerabilities.

Assessing the reality of security breaches

Gaps in traditional security – Why do gaps keep appearing year after year?

Why do gaps keep appearing year after year? While the reason behind this is rather simple, the solution isn’t. In this article, Dr. Ratinder Paul Singh Ahuja makes an assessment of the security breaches and discusses what security will need in the future in order to deal with an ever-evolving infrastructure.

Watch Christian Schneider's DevOpsCon 2017 session

Security professional’s toolbox: Semi-automated pentesting with open source tools

Despite the high quality of supportive tools in the field of security testing, this is still unknown territory for many development projects and therefore still has some unused potential. Christian Schneider’s session at DevOpsCon 2017 offers a well-rounded overview of the open-source tools used by security professionals and penetration testers in their daily work on the detection of security vulnerabilities.

Interview with Doug Dooley, Data Theorem COO

API Discover & API Inspect promise to help enterprises combat Shadow APIs

Data Theorem recently launched two new API security products: API Discover, which helps enterprises combat what has been known as Shadow APIs, rogue APIs developers publish without proper enterprise security vetting that go undetected by today’s legacy security tools and API Inspect solution, which provides a continuous and automated security verification service to ensure the real-world operations of APIs always match their intended specs. We talked to Doug Dooley, Data Theorem COO about all this and more.

Interview with Vladimír Smitka, security specialist and researcher

“The GDPR fever opened a greatly beneficial discussion on privacy protection – before that, nobody cared!”

Earlier this month, we reviewed the research of Vladimír Smitka on open .git folders in websites globally. The results of his research were remarkable – 390,000 web pages were found with open .git directory! So we invited Vladimir for a talk on his research, GDPR implications and his views on open source vulnerabilities.

Interview with Tim Mackey [VIDEO]

AppSec at the speed of DevOps in the age of open source

In the world of DevOps, traditional application security is no longer enough. How can we improve AppSec? What are the newest security challenges that arise as DevOps becomes more mature? JAXenter editor Gabriela Motroc caught up with Tim Mackey, technical evangelist for Black Duck by Synopsys at DevOpsCon 2018 to talk about all this and more.

Two major functions of Blockchain technology aid cybersecurity

How is blockchain technology revamping cybersecurity?

Technically speaking, Blockchain has revolutionized the cybersecurity process and has considerably made it harder for cyber terrorists to tamper with critical data. In this article, Maria Thomas explores two major functions of Blockchain technology that aid cybersecurity.