Autogrep flow

Autogrep: Automated Generation and Filtering of Semgrep Rules from Vulnerability Patches

Static Analysis Security Testing (SAST) tools are essential for modern secure software development, yet the maintenance and creation of high-quality detection rules remain challenging and resource-intensive. This paper presents Autogrep, an automated system for generating and filtering security rules for static analysis tools. Motivated by recent licensing changes in the ...
Examples showing the meraGPT models

Sparks of Digital Immortality with meraGPT

In an era where our digital footprints are as expansive as the internet itself, the concept of digital immortality is not just science fiction but a burgeoning reality. The introduction of meraGPT, the world’s first digital afterlife as a service platform, represents not only a leap towards this future but ...
an illustration showing clean design representing static code analysis

AutoFix: Automated Vulnerability Remediation using Static Analysis and LLMs

In the rapidly evolving world of software development, security remains a paramount concern. With the increasing complexity of applications and the ever-present threat of cyber attacks, developers and security teams are in a constant race to identify and fix vulnerabilities. This is where AutoFix, a groundbreaking tool, enters the picture ...
Overview of SCA for DevOps

When the going gets tough: Understanding the challenges with Product commoditization in SCA

Recently, I have been thinking a lot about product commoditization and how it affects the software composition analysis (SCA) tools market. If you have been living under a rock and have never heard of SCA, you can read a general overview of the problem and solution space here ...
Programming Languages

The Most In-Demand Programming Languages of 2018

We saw several new programming languages like Kotlin, Rust, and Go come into prominence this year. In this article, we take a look at what 2018 has in store when it comes to programming languages ...
Cyber Wars

Cyber Wars in 2018

This year we saw a number of cyber attacks like WannaCry and Petya aimed at causing disruptions and damage to organizations and nations. In this article, we take a look at what is in store for us in 2018 ...
Ransomware

Is the World Ready for the New Generation of Self-Propagating Ransomware?

Self-propagating threats such as WannaCry and Petya were only the tips of the iceberg. The success hackers enjoyed with WannaCry and Petya makes it quite likely others will try to replicate the tactics used by deploying ransomware as a worm. The propagation mechanisms employed by both ransomware families enabled the ...
Application Performance Management

The Impact of DevOps on Application Performance Management

Application Performance Management, or APM, refers to the practice of monitoring the performance of your code, application, runtimes, and overall user experience. In this article, we will talk about how DevOps impacts APM and how you can adjust to the new software supply chain ...
Open Source Word Cloud

Companies Lax on Open Source Risk

Recently, a survey done on open source risk found that enterprises are not proactive in managing and securing the use of open source. Almost 40% of respondents said that no one in their company was responsible for open source compliance. Use of insecure components and vulnerable open source libraries is on ...
General Data Protection Regulation

5 Steps Towards GDPR Compliance

On 25th May 2018 the EU General Data Protection Regulation (GDPR) will become enforceable. It will change how businesses and public sector organizations can handle information of customers and users. GDPR is Europe’s new framework for data protection laws and replaces the existing data protection directive. The full text of the ...