Minimus today at the 2025 RSA Conference launched a managed service through which it ensures application development teams are provided access to a secure set of minimal container images and virtual machines. Company CTO John Morello said the Minimus service eliminates the possibility that developers might inadvertently download software artifacts that might be infested with […]
Endor Labs Adds AI Agents to Automate Application Security Reviews
Endor Labs today added a set of artificial intelligence (AI) agents to its platform, specifically trained to identify security defects in applications and suggest remediations. Fresh off raising an additional $93 million in funding, Endor Labs founder and CEO Varun Badhwar said going beyond simply identifying vulnerabilities in code, these AI agents are trained to […]
The DevOps Bottleneck: Why IaC Orchestration is the Missing Piece
If you work in DevOps, you’ve heard it a thousand times: “Do more with less.” More automation, more security, more reliability—but with the same (or fewer) people. Meanwhile, your development teams keep growing, pushing out new features at breakneck speed. Yet somehow, the infrastructure team is supposed to scale magically to keep up. Let’s be […]
JFrog Survey Surfaces Limited DevSecOps Gains
A global survey of 1,402 application developers, cybersecurity and IT operations professionals finds 71% work for organizations that, despite any potential vulnerabilities, still allow developers to download packages directly from the internet.
Microsoft’s Hyperlight Wasm: Bringing WebAssembly to Secure Micro-VMs
Microsoft expands its Hyperlight project with Hyperlight Wasm, enabling secure WebAssembly workloads in lightweight VMs across Windows, Linux, and macOS platforms.
Sonar Combines SAST and SCA Tools in Single Offer
Sonar today revealed it will at the end of May add an offering that combines its Static Application Security Testing (SAST) tool with the software composition analysis (SCA) tools it gained with the acquisition of Tidelift late last year.
OpenSSF Defines Baseline for Securing Open Source Software
The Open Source Security Foundation (OpenSSF) has launched an initiative to provide maintainers of open source software projects with a set of baseline security requirements that can be realistically attained and maintained by small teams.
7 Critical API Protection Strategies to Fortify Your API Security
Against a backdrop of escalating threats and costly consequences, organizations need a comprehensive, multilayered approach to API security.
Endor Labs Extends Microsoft SCA Alliance to GitHub
Endor Labs has allied with GitHub to integrate its software composition analysis (SCA) tools directly within DevOps workflows.
Open Source Software Security Concerns with Spike Curtis
Spike Curtis, principal engineer for Coder Technologies, dives into why open source software security concerns are valid, and why the only viable option is to invest more in securing software supply chains to mitigate potential threats. While open source benefits from community oversight, organizations must vet the projects they rely on to avoid security gaps. […]
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- …
- 46
- Next Page »