Tackling software vulnerabilities with smarter developer strategies
In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can …
70% of open-source components are poorly or no longer maintained
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, …
Transforming code scanning and threat detection with GenAI
In this Help Net Security interview, Stuart McClure, CEO of Qwiet AI, discusses the evolution of code scanning practices, highlighting the shift from reactive fixes to …
AI learning mechanisms may lead to increase in codebase leaks
The proliferation of non-human identities and the complexity of modern application architectures have created significant security challenges, particularly in managing …
50% of financial orgs have high-severity security flaws in their apps
Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of …
The number of Android memory safety vulnerabilities has tumbled, and here’s why
Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety …
Security leaders consider banning AI coding due to security risks
92% of security leaders have concerns about the use of AI-generated code within their organization, according to Venafi. Tension between security and developer teams 83% of …
Detecting vulnerable code in software dependencies is more complex than it seems
In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within …
How to make Infrastructure as Code secure by default
Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through …
Leveraging dynamic configuration for seamless and compliant software changes
In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster …
One-third of dev professionals unfamiliar with secure coding practices
Attackers consistently discover and exploit software vulnerabilities, highlighting the increasing importance of robust software security, according to OpenSSF and the Linux …
Maintaining human oversight in AI-enhanced software development
In this Help Net Security interview, Martin Reynolds, Field CTO at Harness, discusses how AI can enhance the security of software development and deployment. However, …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments