Security News


Stytch Unveils Advanced Authentication Tech with Enhanced Fraud and Bot Protection for Developers

Identity platform provider Stytch launches new device fingerprinting capabilities designed to provide enhanced fraud and bot protection for developers. The upgrade incorporates advanced AI functionality, offering an easy-to-integrate solution for boosting security within authentication flows, the company said. Stytch’s technology aims to provide seamless and highly accurate bot detection, reducing user friction and enhancing security without visible interventions.

JFrog Launches Runtime Security Solution to Boost Software Integrity from Code to Cloud

JFrog has introduced a new runtime security solution aimed at enhancing software integrity and streamlining collaboration between developers and security teams. The addition of JFrog Runtime to the company’s existing security tools is meant to empower enterprises to embed security at every stage of the software development process, the company said, from writing source code to deploying applications in production.

Map of United States with cybersecurity icons

CrowdStrike Apologizes, Blames Flaw in Testing Software for Faulty Update that Took Down Millions of Windows Systems

Security firm CrowdStrike has revealed that a flaw in its testing software led to a faulty update, causing more than 8.5 million Windows systems to crash last week. In a blog post published today, the Austin-based company provided more details on the incident, which resulted in flight cancellations and disruptions to public services, including 911 systems.

White House Calls for 'Attestations' of Secure Practices from Third-Party Software Providers

White House publishes guidelines requiring government agencies to obtain formal assurances from third-party software providers that they are following secure software development practices.

A Visit to the Automated Testing Zoo

Our Agile Architect wants to talk about lessons learned from his experiences with test automation. As usual, he does it in his own unique way.

Contrast Security Adds SCA in Free CodeSec Tool

App security tools provider Contrast Security adds software composition analysis capabilities to its free in CodeSec "developer-first" scanner.

Checkmarx and Seemplicity Join Forces to Simplify the Find-to-Fix Lifecycle

Application security testing company Checkmarx and cybersecurity workflow and productivity startup Seemplicity today announced a new partnership aimed at simplifying the "find-to-fix" lifecycle and accelerating the time to remediation of vulnerabilities found throughout the software development lifecycle .

Veeam Previews Major Product Updates at Annual User Conference

Veeam Software kicks off its annual user conference with a product roadmap that showcases features planned for the release of Veeam Backup & Replication v12, as well as key solution innovations for cloud-native solutions, SaaS offerings, and some deeper integrations of Kasten by Veeam K10 for Kubernetes.

Contrast Security Partners with GitHub to Deliver 'Pipeline-Native' Security to Developers

Cybersecurity solutions provider Contrast Security unveils four new GitHub Actions aimed at making the process of automating security testing within native pipelines more accessible to developers.

New 'Vantage Prevent' Solution Shifts DAST Left

The Application Security Division of NTT Ltd. releases a solution designed to make it possible for developers to conduct dynamic application security testing (DAST) at each phase of the software development cycle.

Blue Server Graphic

Companies Facing FTC Legal Action Over Log4j Breaches

The U.S. Federal Trade Commission intends to use its "full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of the Log4j vulnerability," the commission warned.

Dark City IMage

Log4j Remote Code Execution Vulnerability Likely to Affect Millions

A critical-remote code execution vulnerability in the widely used Log4j open-source Java logging library, "has given cybercriminals the perfect attack campaign on a silver platter."

Synopsys Adds Code Dx to AppSec Portfolio

Synopsys, a provider of electronic design automation (EDA), semiconductor IP, and application security testing tools and services, acquires app vulnerability management company Code Dx.

New RSAC Marketplace 'Expands RSA Conference' for Cybersecurity Pros

Cybersecurity pros have a new online resource, the RSAC Marketplace, which its creators describe as "the equivalent of a year-round RSA expo."

Silver Pins

Sonatype Unveils NextGen Nexus Platform

Sonatype expands the latest version of its Nexus platform to offer "full-spectrum control of the cloud-native software development lifecycle."

GrammaTech Partners with GitLab to Add Shift-Left Capabilities to the CI/CD Pipeline

GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing solution with GitLab's Ultimate DevSecOps platform.

Veracode Launches 'Hacker Games' to Test Student Cybersecurity Skills

Application Security Testing solutions provider Veracode today announced the launch of a two-week collegiate competition designed to challenge student teams in the U.S. and the U.K. to test their secure coding skills.

Checkmarx Unveils New Open Source IaC Scanning Engine

Software security solutions provider Checkmarx today launched a new open-source static analysis tool designed to allow developers to write more secure infrastructure-as-code.

Java Apps More Vulnerable than .NET Apps, Report Finds

Java apps earn higher security vulnerability score than .NET apps, a Contrast Lab report finds.

Devs in Retail and Hospitality Fix Flaws Faster, Veracode Report Concludes

A new report from Application Security Testing (AST) solutions provider Veracode shows that software developers working in the retail and hospitality sector are fixing flaws in their companies' software at a faster rate than five other sectors--despite having to work with applications that tend to be older and larger than other sectors.