In this article, we explore key metrics that can help bridge the gap between the speed of DevOps processes and the essential security requirements needed to protect systems effectively.
CISA Pushes Steps to Better Secure Software and Product Designs
The country’s top cybersecurity agency is urging developers to take steps to ensure the software they’re building and the products they roll out are secure and protect end users. The Cybersecurity and Infrastructure Security Agency (CISA) this week rolled out a series of recommendations that it wants businesses and critical infrastructure organizations to adopt to […]
Sonar Acquires Tidelift to Extend DevSecOps Reach Into Open Source Software
Sonar today revealed it has agreed to acquire Tidelift to gain access to third-party open-source code that it plans to integrate into its static code analysis tools.
DefectDojo Adds Ability to Normalize DevSecOps Data to ASPM Platform
DefectDojo today added a universal parser to its application security posture management platform (ASPM) that makes it possible to normalize data ingested from any DevSecOps tools and platforms that expose data in a JSON or XML format.
How an Effective AppSec Program Shifts Your Teams From Fixing to Building
Development teams are under growing pressure to build cutting-edge applications with shorter development lifecycles. However, they are often slowed down by the growing burden of fixing security vulnerabilities. Ineffective application security processes mean these teams can spend more time firefighting than building, diverting focus from their primary objective: Delivering innovative, high-performance software. Yet, healthy security […]
Microsoft Enlists Endor Labs to Integrate SCA Tool with CNAPP
Microsoft has tapped Endor Labs to incorporate a software composition analysis (SCA) tool into its cloud-native application protection platform (CNAPP).
Checkmarx Extends DevSecOps Reach to Repository Security and Secrets Discovery
Checkmarx this week extended the scope of its ability to protect software supply chains with tools that access how secure a repository is and find where application secrets have been shared in a way that is not secure. Ori Bendet, vice president of product management for Checkmarx, said the Repository Health and Secrets Detection tools […]
Four Steps to Balance Agility and Security in DevSecOps
Balancing agility and security in DevSecOps is achievable with the right mix of automation, collaboration and continuous feedback. By embedding security into agile processes, organizations can deliver software that is both fast and secure, meeting the demands of today’s fast-paced tech environment.
Update to Open Source WhiteRabbitNeo Project Brings Smarter AI to DevSecOps
Kindo today revealed that WhiteRabbitNeo, an open-source DevSecOps platform, has been updated to take advantage of improved large language models (LLMs) that generate more accurate outputs when resolving prompts related to offensive cybersecurity, surfacing remediations for potential threats and integrating threat intelligence and vulnerability data.
AI Will Soon Automate DevSecOps Governance
The role cybersecurity teams play in ensuring applications are secure is about to become a lot more proactive in the age of artificial intelligence (AI).
- « Previous Page
- 1
- …
- 7
- 8
- 9
- 10
- 11
- …
- 113
- Next Page »