-
By John K. Waters
Authentication solution provider Okta has extended its Okta Devices Platform Service capabilities to developers via the Okta Devices SDK, which provides packaged tooling to build passwordless sign-in flows through branded push notifications with biometric capabilities, minimizing friction for end-users and increasing security posture.
-
By John K. Waters
ZeroNorth announces a new set of capabilities for its SaaS-based security platform aimed at removing friction between security and DevOps teams by making security "integral and transparent" within the SDLC.
-
By John K. Waters
Cloud security provider Accurics announced a new GitHub app designed to further automate the programmatic enforcement of security policies throughout the software development workflow.
-
By John K. Waters
Sumo Logic's fourth annual Illuminate user conference, virtual this year because of the pandemic, wrapped up yesterday after two days of educational sessions, expert keynotes, and product and initiative announcements.
-
By John K. Waters
CloudBees recently announced a new set of DevSecOps capabilities for its continuous integration and delivery (CI/CD) solutions, including feature flag integration within the CI and CD environments, which the company is billing as an industry first.
-
By John K. Waters
Sonatype's malicious code detection bots discovered and confirmed the presence of new vulnerable npm packages that exfiltrate/broadcast the target's IP, username, and device fingerprint info onto a public GitHub page where anyone can gain access.
-
By John K. Waters
Microsoft enables continuous developer-driven "fuzzing" with newly open sourced tool.
-
By John K. Waters
Cloud security provider Accurics has release an update of its free and open-source Terrascan static code analyzer with new support for Kubernetes.
-
By John K. Waters
Kubernetes security solutions provider Alcide earns AWS Outposts Ready designation.
-
A group of leading tech industry heavy weights that includes Microsoft, IBM, and Google, announced the formation of a new software foundation to consolidates industry efforts to improve the security of open-source software.
-
By John K. Waters
Automated IT and security solutions provider Ivanti is partnering with Intel to provide Device-as-a-Service (DaaS) with Intel's Endpoint Management Assistant
-
By John K. Waters
New Java developer library streamlines use of Platform Agnostic Security Tokens (PASETOs) and provides an alternative to JSON Web Tokens (JWT) to authenticate end users.
-
By John K. Waters
Red Hat announces the beta availability of the latest minor release of the RHEL 8 platform.
-
By John K. Waters
Google Cloud's Confidential Virtual Machines enable users to encrypt their data for the first time in-use--in other words, while it's being processed, in-memory, not just when it's at rest in storage or in-transit.
-
DevSecOps solutions provider Alcide has released a beta version of a new solution designed to provide "end-to-end continuous security guardrails" for Kubernetes deployments.
-
By John K. Waters
The latest Critical Patch Update (CPU) from Oracle, published today, addresses 397 security vulnerabilities across the company's product suite, including 15 patches for Java SE.
-
By John K. Waters
Alcide has released a new command-line tool designed to allow developers, DevOps pros and Kubernetes app builders to scan their Kubernetes configuration and deployment files and deploy it into their continuous integration pipelines.
-
Sonatype this week announced the availability of an enhanced suite of JavaScript intelligence capabilities designed to provide developers with improved accuracy, increased policy control and faster remediation of open source vulnerabilities.
-
By John K. Waters
Google made a number of product announcements this week at the RSA Security Conference, including upgrades to the Chronicle security analytics platform and the general availability of its reCAPTCHA Enterprise and Web Risk API tools.
-
Microsoft this week announced the general availability (GA) of Azure Sphere, marking a new phase in its effort to create an overall trusted environment for deploying and using Internet of Things (IoT) devices.
-
This week the Eclipse Foundation entered into a partnership to support another foundation's open-source technology.
-
By John K. Waters
A startup focused on Kubernetes security has released an open source risk assessment tool for the popular container orchestration platform.
-
By John K. Waters
Oracle's first Critical Patch Update (CPU) of 2020, due this week, will include only 12 new security patches for Java Standard Edition (Java SE), just over half the patches published in October 2019.
-
By John K. Waters
Software testing tools maker Parasoft announced this week that the latest versions of its Jtest, dotTEST, and C/C++ solutions provide coverage of critical vulnerabilities laid out in the newly updated 2019 Common Weakness Enumeration (CWE) list.
-
By John K. Waters
Oracle’s latest quarterly Critical Patch Update (CPU) provides 219 new security patches across Oracle’s product line, including 20 new patches for Java SE. But none of the Java patches in this CPU earned a CVSS risk score of greater than 6.8 out of 10.0.