GenAI in software surges despite risks
In this Help Net Security video, Ilkka Turunen, Field CTO at Sonatype, discusses how generative AI influences and impacts software engineers’ work and the software …
Are developers giving enough thought to prompt injection threats when building code?
With National Coding Week behind us, the development community has had its annual moment of collective reflection and focus on emerging technologies that are shaping the …
Does a secure coding training platform really work?
As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We …
Inspiring secure coding: Strategies to encourage developers’ continuous improvement
In software development, the importance of secure coding practices cannot be overstated. Fostering a security culture within development teams has become crucial to ensure the …
Never leak secrets to your GitHub repositories again
GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public …
Trained developers get rid of more vulnerabilities than code scanning tools
An EMA survey of 129 software development professionals uncovered that for those using code scanning tools, only 10% of organizations prevented a higher percentage of …
How to improve secure coding education
Did you know that not one of the top 50 undergraduate computer science programs in the U.S. requires a course in code or application security for majors? Yet the threatscape …
What developers want and how to keep them on your team
OutSystems released a new developer jobs report identifying the factors that motivate them to stay with their companies and the frustrations that drive them away. The report, …
Simplifying legal entity identification in the digital age
As the world’s legal entities rush to digitize their processes and transactions, confidence in digital authenticity is in short supply. Thankfully, a single, open and …
Barely one-third of IT pros can vet code for tampering
Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …
Massive shadow code risk for world’s largest businesses
Source Defense announced the results of a study that for the first time sizes the security, privacy, and compliance risks that are literally designed into the digital supply …
Sigstore: Signature verification for protection against supply chain attacks
Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies …