The country’s top cybersecurity agency is urging developers to take steps to ensure the software they’re building and the products they roll out are secure and protect end users. The Cybersecurity and Infrastructure Security Agency (CISA) this week rolled out a series of recommendations that it wants businesses and critical infrastructure organizations to adopt to […]
White House to Spend $11 Million to Study Open Source Software Use
Hardening the security around open source software has been a key part of the White House’s larger cybersecurity efforts since President Biden released his executive order for improving the United States’ security posture in May 2021, only months after taking office. Now the Biden Administration and the Department of Homeland Security (DHS) are putting $11 […]
Does More Money Improve Open Source Security?
It sounds simple: If you pay developers more money they’ll improve the quality and security of their code. The evidence isn’t so clear.
OpenSSF warns of Open Source Social Engineering Threats
Linux dodged a bullet. If the XZ exploit had gone undiscovered for only a few more weeks, millions of Linux systems would have been compromised with a backdoor. We were lucky. But can we stay lucky? The Open Source Security Foundation (OpenSF) and the OpenJS Foundation revealed that a similar hackling attempt had targeted several […]
Securing Open Source Software, the Cyber Resilience Act Way
The Eclipse Foundation is spearheading an effort to create a unified framework for secure software development.
Your AI Might be Lying to You
Simple tests can demonstrate whether a code generator is actually doing what you ask.
AISecOps: Expanding DevSecOps to Secure AI and ML
AISecOps, the application of DevSecOps principles to AI/ML and generative AI, means integrating security into models’ life cycles.
Cycode Acquires Bearer to Extend ASPM Platform
Cycode has acquired Bearer, a provider of a set of tools for SAST, API discovery and identification of sensitive data.
Survey Sees Limited DevSecOps Progress Being Made as Vulnerabilities Mount
A recent survey found that, on average, organizations have 55.5 security vulnerabilities each day in their remediation queue, with at least one critical.
Securing the DevOps Pipeline: Tools and Best Practices
Because of the critical nature of the DevOps pipeline, security is becoming a top priority. Here’s how to integrate DevSecOps.
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 25
- Next Page »