Secure Coding
Don’t Trust the Security of the Software Supply Chain
Now more than ever, organizations are relying on the supply chain for basic business operations. According to Charlie Jones, director of product management with ReversingLabs, there are two reasons for this: The ...
Orca Security Traces Cloud Vulnerabilities Back to Code
Orca Security today announced it added an ability to trace cloud security risks in production environments back to both the original code that created the issue and the developer that wrote it ...
Chainguard Unveils Memory-Safe Linux Distribution
Chainguard this week made available a memory-safe distribution of Linux, dubbed Wolfi, that promises to eliminate the root cause of the bulk of known software vulnerabilities. In addition, Chainguard has partnered with ...
Where is Your Risk? Vulnerabilities in Software Development
Organizations are facing a variety of software-related risks, and vulnerabilities introduced in the development process are just one of them. The sooner they can figure out where these risks exist and how ...
Insecure coding workshop: Analyzing GitHub Copilot suggestions
AI-generated code suggestions from GitHub Copilot can be a huge timesaver – but what about security? Invicti security engineer Kadir Arslan examines Copilot suggestions and points out common vulnerabilities that you need ...
Your DevOps Process Needs to Integrate API Security
If your organization relies on the cloud, you also rely on APIs. “Whatever the project of the day (application modernization, monolith to microservice digital transformation, multi-cloud service mesh enablement, to name a ...
Automating Secure Coding Training
More and more companies, from national retailers to financial powerhouses, are emphasizing secure coding training for their developers. After all, it creates a culture of security-minded teams and incentivizes ongoing excellence for ...
Wicked Good Development – Episode 2
Wicked Good Development is dedicated to the future of open source. This space is to learn about the latest in the developer community and talk shop with open source software innovators and experts ...
Lacework Acquires Soluble to Improve Cloud Security
Lacework this week revealed it has acquired Soluble, a provider of a platform for remediating code that was created to provision infrastructure. At the same time, Lacework has added an inline vulnerability ...
Google Contributes $1M to Reward Developers for OSS Security
Google today launched a Secure Open Source (SOS) pilot program, managed by the Linux Foundation, through which it will set aside $1 million to compensate developers that work on initiatives to better ...