Pieter Danhieux, Co-Founder/CEO of Secure Code Warrior, discussed cybercrime with us. We learned all about common kinds of security vulnerabilities, best practices organizations should take to achieve proper security compliance, and how teams can focus more on building security into their code.
The battle between security and convenience is a trade-off that users, system administrators, security professionals and CISOs have to make every day. This is a particularly big problem for software developers and DevOps teams who commonly opt for the convenient solution of sharing private keys between one another.
Maty Siman, founder and CTO at Checkmarx, spoke with us about how ahead-of-time analysis helps application security. Learn what security red flags we should look out for in open source code, how machine learning models can detect security vulnerabilities in code, and more.
To create a security mindset within the engineering organization, security teams must enable engineering teams with the tools that suit their workflow. This article will explore how to bake security into the agile and DevOps way of working and what steps and practices to consider.
Phishing emails carrying sophisticated malware that standard antivirus software cannot detect increasingly serve as the main infection vector for data breaches and various cyber-scams. Protection against such threats requires a more advanced solution: a system for detecting attacks on endpoints, known as EDR (Endpoint Detection & Response). This article reveals how EDR identifies sophisticated attacks and whether it is worth installing it yourself or choosing EDR-as-a-service.
Internet Explorer (IE) will be officially retired on June 15, 2022. Microsoft will altogether stop supporting and updating the pioneering web browser. As IE winds down, the question becomes, how does this affect businesses and existing software, and what will its full impact be?
One of the most common cases for cloud implementation is IT infrastructure modernization to increase its flexibility, security, and cost-effectiveness. Progress has its price — without proper management, utilizing a nontraditional, cloud-based infrastructure may cause risks.
What is Sonatype Lift and how can it help enhance security? We had a chat with Stephen Magill about how Sonatype Lift can help bring security beyond silos. Stephen also shares some security tips, how false positives affect cybersecurity, and where the biggest security threats lie in organizations.
Are we sitting on major security vulnerabilities right now? How has security changed in the past 20 years? We interviewed Ilkka Turunen, Sonatype Field CTO, and Muzaffer Pasha, Security Evangelist at Traceable, about how to achieve better security in open source and in your organization.
Gartner has predicted more than 75 percent of global organizations will be running containerised applications in production by 2022. With so many more moving parts to look at, developers have to automate how they gather data on their infrastructure components, while security teams have to understand the new models for applications too.
Data privacy regulations are relatively new and not well understood within an organization. With that context, the way organizations should approach data privacy isn’t only about compliance with regulations; it’s also the right thing to do to build trust with their customers. How do you introduce privacy and trust as part of your culture?
While financial services organisations have historically been strong when it comes to employing application security testing tools, more can be done to accelerate efforts and make these continuous. So what specific steps can be taken by companies in this space to address security in the software they create for the remainder of 2021, and how will this benefit them long term?
Jeff Williams, CTO and Co-founder at Contrast Security, spoke to us about the newest State of Application Security in Financial Services Report. Read his insights on the importance of observability, how false positives affect security, and the best practices we should all take.
We spoke with Brendan O’Leary, Sr. Developer Evangelist at GitLab, about remote working, the rise in security confidence, testing best practices, Kubernetes implementation, and more. Read on to learn more about what open source tools Brendan O’Leary suggests.