code

Barely one-third of IT pros can vet code for tampering

June 8, 2022

Global research commissioned by ReversingLabs and conducted by Dimensional Research, revealed that software development teams are increasingly concerned about supply chain …

Massive shadow code risk for world’s largest businesses

June 2, 2022

Source Defense announced the results of a study that for the first time sizes the security, privacy, and compliance risks that are literally designed into the digital supply …

Sigstore: Signature verification for protection against supply chain attacks

May 26, 2022

Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies …

Are businesses ready to implement cloud-native development?

April 28, 2022

OutSystems released findings from a global survey of IT leaders and developers gauging the benefits and challenges of cloud-native development, with results highlighting stark …

Principles for Kubernetes security and good hygiene

April 26, 2022

Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations are required to make it less vulnerable. What’s …

81% of codebases contain known open source vulnerabilities

April 19, 2022

Synopsys released a report which examines the results of more than 2,400 audits of commercial and proprietary codebases from merger and acquisition transactions, and …

86% of developers don’t prioritize application security

April 7, 2022

Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers …

How often do developers push vulnerable code?

April 6, 2022

A Tromzo report reveals developers remediate only 32% of vulnerabilities and regularly push vulnerable code. The report was based on a survey of more than 400 U.S.-based …

JavaScript security: The importance of prioritizing the client side

April 1, 2022

In this interview with Help Net Security, Vitaliy Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code, …

Why low-code and identity must co-exist

March 28, 2022

Software development has emerged as a critical task for organizations looking to compete in the digital economy. It increasingly fuels innovation and even disruption. Yet, …

Increasing security for single page applications (SPAs)

March 8, 2022

Single page applications (SPAs) have become the most popular way to create websites that feel faster for the end-user without hitting the server every time a user interacts …

Solving the problem of secrets sprawling in corporate codebases

March 7, 2022

GitGuardian announced the results of its report which extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in …