-
By John K. Waters
Sonatype expands the latest version of its Nexus platform to offer "full-spectrum control of the cloud-native software development lifecycle."
-
By John K. Waters
GrammaTech today announced a technology partnership with GitLab to integrate the GrammaTech CodeSonar Static Application Security Testing solution with GitLab's Ultimate DevSecOps platform.
-
By John K. Waters
Application Security Testing solutions provider Veracode today announced the launch of a two-week collegiate competition designed to challenge student teams in the U.S. and the U.K. to test their secure coding skills.
-
By John K. Waters
Software security solutions provider Checkmarx today launched a new open-source static analysis tool designed to allow developers to write more secure infrastructure-as-code.
-
Java apps earn higher security vulnerability score than .NET apps, a Contrast Lab report finds.
-
By John K. Waters
A new report from Application Security Testing (AST) solutions provider Veracode shows that software developers working in the retail and hospitality sector are fixing flaws in their companies' software at a faster rate than five other sectors--despite having to work with applications that tend to be older and larger than other sectors.
-
By John K. Waters
Red Hat announced that it is acquiring Kubernetes-native security provider StackRox sometime in the first quarter of 2021. It's first acquisition by Red Hat since it was acquired by IBM.
-
By John K. Waters
BMC unveils new capabilities and enhancements for its Automated Mainframe Intelligence (AMI) and Compuware portfolios to protect mainframe customers' uptime and availability, defend the mainframe against cybersecurity threats, and advance enterprise DevOps.
-
By John K. Waters
Ivanti enhances the capabilities of its flagship Enterprise Service Management (ESM) portfolio with greater automation capabilities between service management and SecOps.
-
By John K. Waters
Cloud security provider Accurics announced that it is extending support in its Terrascan open-source tool for detecting compliance and security violations across Infrastructure as Code to two Cloud Native Computing Foundation projects: Helm and Kustomize.
-
Version 1.0 of the new debugger for Python in Visual Studio Code (VS Code), called Debugpy, shows up in the latest update of the popular Python tooling for the open source, cross-platform code editor.
-
By John K. Waters
A new report from Veracode analyzes 130,000 applications, and finds that it takes about six months for teams to close half the security flaws they find.
-
By John K. Waters
The Cloud Security Alliance does a deep-dive analysis of nine of last year's Egregious 11: Top Threats to Cloud Computing.
-
By John K. Waters
New security solution surfaces vulnerabilities in third-party code used in the development of custom applications.
-
By John K. Waters
Automated IT and security solutions provider Ivanti today announces two additions to its Neurons "hyper-automation" platform: Neurons for Patch Intelligence and Neurons for Spend Intelligence.
-
By John K. Waters
The results of a new survey suggest that a growing number of security and development professionals are convinced of the value of Security Champions programs.
-
By John K. Waters
Oracle's new Cloud Observability and Management Platform aims to provide a comprehensive set of management, diagnostic, and analytics services to help customers manage multicloud and on-premises deployments.
-
By John K. Waters
Authentication solution provider Okta has extended its Okta Devices Platform Service capabilities to developers via the Okta Devices SDK, which provides packaged tooling to build passwordless sign-in flows through branded push notifications with biometric capabilities, minimizing friction for end-users and increasing security posture.
-
By John K. Waters
ZeroNorth announces a new set of capabilities for its SaaS-based security platform aimed at removing friction between security and DevOps teams by making security "integral and transparent" within the SDLC.
-
By John K. Waters
Cloud security provider Accurics announced a new GitHub app designed to further automate the programmatic enforcement of security policies throughout the software development workflow.
-
By John K. Waters
Sumo Logic's fourth annual Illuminate user conference, virtual this year because of the pandemic, wrapped up yesterday after two days of educational sessions, expert keynotes, and product and initiative announcements.
-
By John K. Waters
CloudBees recently announced a new set of DevSecOps capabilities for its continuous integration and delivery (CI/CD) solutions, including feature flag integration within the CI and CD environments, which the company is billing as an industry first.
-
By John K. Waters
Sonatype's malicious code detection bots discovered and confirmed the presence of new vulnerable npm packages that exfiltrate/broadcast the target's IP, username, and device fingerprint info onto a public GitHub page where anyone can gain access.
-
By John K. Waters
Microsoft enables continuous developer-driven "fuzzing" with newly open sourced tool.
-
By John K. Waters
Cloud security provider Accurics has release an update of its free and open-source Terrascan static code analyzer with new support for Kubernetes.