software development
Self-managed GitLab installations should be patched again (CVE-2024-0402)
Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability …
The dynamic relationship between AI and application development
In this Help Net Security video, Greg Ellis, General Manager, Application Security, at Digital.ai, discusses how artificial intelligence is revolutionizing the way …
Security automation gains traction, prompting a “shift everywhere” philosophy
The use of automated security technology is growing rapidly, which in turn is propagating the “shift everywhere” philosophy – performing security tests throughout the entire …
CISOs vs. developers: A battle over security priorities
A majority of both developers and CISOs view software supply chain security as a top priority in their roles (70% and 52% respectively), according to Chainguard. However, …
Kubernetes adoption creates new cybersecurity challenges
To maintain a competitive edge, modern organizations are evolving toward highly scalable, flexible and resilient applications – leading to the widespread adoption of cloud …
AI-assisted coding and its impact on developers
The emergence of AI has put into question the roles of software developers everywhere. In this Help Net Security video, Cat Hicks, VP of Research Insights at Pluralsight, …
Microsoft launches new initiative to augment security
Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost …
North Korean hackers are targeting software developers and impersonating IT workers
State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies …
Valve introduces SMS-based confirmation to prevent malicious games on Steam
Video game publisher/digital distribution company Valve is forcing developers who publish games on its Steam platform to “validate” new builds with a confirmation …
The root cause of open-source risk
2023 saw twice as many software supply chain attacks as 2019-2022 combined. Sonatype logged 245,032 malicious packages in 2023. One in eight open-source downloads today poses …
Chalk: Open-source software security and infrastructure visibility tool
Chalk is a free, open-source tool that helps improve software security. You add a single line to your build script, and it will automatically collect and inject metadata into …
The pitfalls of neglecting security ownership at the design stage
For companies to avoid bleeding millions through cyber threats, they must build adaptability into their security strategy from the start while considering a range of inputs …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD