Log4Shell Reinforces Need to Prioritize Software Supply Chain Security

Recently discovered and widely reported, the Log4J vulnerability (Log4Shell) affects millions of applications written in Java. Developers have extensively used Log4J as a logger for debugging, reporting and analytics during code development and execution. The Log4J library is widely used, particularly in environments where Apache components are deployed. About the Log4J ...

Building Software that is Resilient to Supply Chain Attacks (includes link to download Cheat Sheet)

We are in the midst of many generations who have grown up building things with Lego blocks. Guess what! Software is being snapped together from pieces as well. You don’t have to write every last bit of code yourself. You can also mix your code with open source code ...

BluBracket Uncovers Trojan Source Unicode (Bidirectional Algorithm) Vulnerabilities

In this era of fast code deployment and non-stop design-to-deploy, systemic code vulnerabilities can end up being devastating because of the speed at which code is shared via git repositories. The shift left movement has made developers aware of cybersecurity hygiene and best practices. This same movement has sought to ...

Upcoming Live Discussion: Three Steps to Preventing Software Supply Chain Attacks

Tuesday, December 7, 2021, 1:00 PM ET / 10:00 AM PT. On Tuesday, December 7, 2021, BluBracket will be leading a live discussion with security professionals about the relationship between code security and software supply chain attacks. You are invited to listen in and speak as ...

Linux Foundation Announces Security Enhancements to its LFX Community Platform to Protect Software Supply Chain

More than 720,000 technical contributors and 1,700 member companies have access to security metrics on the LFX platform; tens of millions of developers rely on projects hosted across the platform. Napa Valley, Calif., Linux Foundation Membership Summit, November 2, 2021 — The Linux Foundation, the nonprofit organization enabling mass innovation through ...

Securing Open Source Code with the Linux Foundation

Today we are pleased to announce an important step in our mission to secure code. We have donated a sizable contribution to the LFX security module at the Linux Foundation so it now includes automatic scanning for secrets-in-code and non-inclusive language. Our contribution was announced on stage at the Linux ...

So Many Repos, So Little Time: Speeding Up Deployments Securely

As we entered 2020, digital transformation was already gathering steam. Once Covid-19 spread, workers went remote and e-commerce and business-to-business transactions went predominantly online. This propelled digital transformation into a raging inferno that led to unprecedented pressure on developer pipelines from incessant business demands for new code functionality and faster ...

Why Organizations Today Need a Risk-Based Approach to Code Security

We salute October as National Cybersecurity Awareness Month. As we salute National Cybersecurity Awareness Month, we also want to recognize the ongoing increase in application-based software supply chain attacks. The processes to deliver security and protection during software development cycles are disjointed, leading to gaps, vulnerabilities and lots of false ...

Why Developers Need More than SAST and DAST for Real Code Security

When SAST, DAST, IAST etc. are Just Not Enough. Once developers find tools that work for them, it is hard to make a change. SAST and other legacy Application Security tools fall into the area of being solid tools that work. In the last couple of years the threat landscape ...

BluBracket to Enable Developer Empowerment – Appoints Casey Bisson Head of Product Growth

We’re excited to announce Casey Bisson has been appointed the Head of Product Growth at BluBracket. BluBracket’s mission is to empower individual developers with the information and tools they need to enhance security across all aspects of their development workflows. BluBracket is on a journey to enable this transformation by ...