software
Challenges development teams face when building applications with open source
Tidelift released a report providing critical insights into the state and practice of open source software supply chain management. This comprehensive study of nearly 700 …
86% of developers don’t prioritize application security
Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers …
Security flaws found in 82% of public sector software applications
Veracode has released new findings that show the public sector has the highest proportion of security flaws in its applications and maintains some of the lowest and slowest …
Why banks should incorporate software bill of materials (SBOM) into their third-party risk programs
In the face of rising cybersecurity threats, the Biden administration issued an executive order in May 2021 calling for improvements in the supply chain. Among the recommended …
The Linux Foundation’s Census of OSS app libraries helps prioritize security work
The Linux Foundation announced the final release of “Census II of Free and Open Source Software – Application Libraries,” which identifies more than one thousand of the …
Attackers used Dridex to deliver Entropy ransomware, code resemblance uncovered
Sophos released a research that details code similarities in the general purpose Dridex botnet and the little-known ransomware, Entropy. The similarities are in the software …
Software supply chain security still a pain point
ActiveState announced the results of its survey, providing insights into the security challenges of the software industry’s open source supply chain, which includes the …
Tackling supply chain security head-on
Threats against supply chains are growing and the reality is that the size, cost, and sophistication of these threats make it difficult for anyone organization to control or …
Supply chain shortages create a cybersecurity nightmare
The White House has recently issued alerts noting that many manufacturers suffer from disrupted supply chains, and rebuilding supply chains is a major priority. Some analysts …
Kali Linux 2022.1 released: New tools, kali-linux-everything, visual changes
Offensive Security has released Kali Linux 2022.1, the latest version of its popular open source penetration testing platform. Visually refreshed and with improved usability …
The importance of implementing security scanning in the software development lifecycle
Veracode published a research that finds most applications are now scanned around three times a week, compared to just two or three times a year a decade ago. This represents …
78% of organizations expect to produce or consume SBOMs in 2022
The Linux Foundation announced the availability of the first in a series of research projects to understand the challenges and opportunities for securing software supply …