The Top Five Secrets Found in Code

| | articles, Blog
Your code is not just a means for you to deploy an application; it’s also the means by which a hacker can gain access to a network or the data contained within or without. This has become even more apparent with the advent of cloud-native development, where a single ...
Securing the Software Supply Chain. Jim Zemlin of the Linux Foundation.

SolarWinds, GitHub Leaks and Securing the Software Supply Chain

| | Blog
By now, the massive SolarWinds cybersecurity breach has come to the attention of everyone in our industry. It’s a truly widespread and dangerous breach that, at least from what we know now, is an example of two trends in cybersecurity that frankly need more attention from any company writing code. Code as ...

Uncovering Secrets in Code—A Case Study

| | Blog
Secrets such as API keys, tokens or passwords are frequently left in code. These secrets are fundamental to productivity in our collaborative and complex software development cycle. But if they aren’t handled properly, they can put an entire infrastructure at risk. In a recent academic research project, researchers found that ...

BluBracket Adds Stolen and Leaked Code Detection, Remediation to its CodeSecurity Suite

| | SBN News
PALO ALTO, CALIFORNIA – August 5, 2020 – At the Black Hat Security Conference, BluBracket, the leader in code security, today introduced significant new functionality to its Code Security Suite, allowing companies for the first time to find stolen and copied source code in public repositories. In today’s digital coding ...

Why Code Security Unlocks the Next Trillion Dollar Software Opportunity

| | Blog
Noted investor Glenn Solomon recently made a compelling case in Forbes that the next big enterprise software opportunity will be fueled by developers. The first two trillion-dollar trends—SaaS and public cloud—revolutionized the way software is delivered and deployed, effectively making every company a software company. Now the opportunity lies ...

Code scanning does not guarantee code security.

| | Blog
Code scanning is an integral part of application security. Since BluBracket is considered to be the industry’s first comprehensive code security solution, there can be confusion over how code security relates to code scanning. Is it the same thing? Does BluBracket replace common SAST or DAST tools? The answer is ...

Git it right—How hackers exploit Git misconfigurations & what to do about it

| | Blog
This month, Mercedes-Benz left 580 source code repositories open and available for anyone to access on the Web. These repositories not only contained valuable source code for vehicle components that could be used in an attack; they also contained passwords and tokens that unlocked access to other Mercedes private servers ...

Why GitHub Security Isn’t Enough.

| | Blog
Last week, GitHub made a series of announcements at GitHub Satellite, including some great news around code scanning and increased security for their platform. We love to see this because the more companies that use GitHub (and GitLab and Bitbucket), the better for the industry, and the more value BluBracket ...