code

81% of codebases contain known open source vulnerabilities

April 19, 2022

Synopsys released a report which examines the results of more than 2,400 audits of commercial and proprietary codebases from merger and acquisition transactions, and …

86% of developers don’t prioritize application security

April 7, 2022

Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers …

How often do developers push vulnerable code?

April 6, 2022

A Tromzo report reveals developers remediate only 32% of vulnerabilities and regularly push vulnerable code. The report was based on a survey of more than 400 U.S.-based …

JavaScript security: The importance of prioritizing the client side

April 1, 2022

In this interview with Help Net Security, Vitaliy Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code, …

Why low-code and identity must co-exist

March 28, 2022

Software development has emerged as a critical task for organizations looking to compete in the digital economy. It increasingly fuels innovation and even disruption. Yet, …

Increasing security for single page applications (SPAs)

March 8, 2022

Single page applications (SPAs) have become the most popular way to create websites that feel faster for the end-user without hitting the server every time a user interacts …

Solving the problem of secrets sprawling in corporate codebases

March 7, 2022

GitGuardian announced the results of its report which extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in …

Data leaks and shadow assets greatly exposing organizations to cyberattacks

February 25, 2022

CybelAngel published a research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. …

Attackers used Dridex to deliver Entropy ransomware, code resemblance uncovered

February 24, 2022

Sophos released a research that details code similarities in the general purpose Dridex botnet and the little-known ransomware, Entropy. The similarities are in the software …

Software supply chain security still a pain point

February 18, 2022

ActiveState announced the results of its survey, providing insights into the security challenges of the software industry’s open source supply chain, which includes the …

Supply chain shortages create a cybersecurity nightmare

February 16, 2022

The White House has recently issued alerts noting that many manufacturers suffer from disrupted supply chains, and rebuilding supply chains is a major priority. Some analysts …

Low code applications are essential for cybersecurity development in applications

February 10, 2022

One of the biggest changes to the cybersecurity landscape is that developers are now often expected to implement security directly into the applications they’re building as …