Dev & DevSecOps

The state of DevSecOps: Why upgrading your AppSec tooling is essential
DevSecOps started being written and talked about a decade ago, and today many companies are paying attention to the best-practice recommendations put forth in the press and at conferences. In fact, a report ...

CI/CD pipelines and the cloud: Are your development secrets at risk?
Continuous integration/continuous delivery (CI/CD) is widely embraced by developers because of its ability to deliver code changes more frequently and reliably. Unfortunately, it can deliver those code changes insecurely. When coupled with ...

Memory-safe languages and security by design: Key insights, lessons learned
For more than 50 years, software engineers have struggled with memory vulnerabilities, but it has only been in recent times that serious efforts have been undertaken to get a handle on the ...

NIST updates supply chain guidance: 3 ways to pump up your CI/CD security
The final version of guidelines to help organizations secure their software supply chain has been released by the National Institute of Standards and Technology (NIST). The document, "Strategies for the Integration of ...

Are AI development tools exposing your organization? 4 key considerations
Microsoft's soon-to-be-released GitHub Copilot Enterprise option will give organizations an enterprise-grade subscription plan for its AI-powered code-completion tool, which helps developers write code faster ...

The state of container security: 5 key steps to locking down your releases
Container technologies are rapidly transforming application development and deployment practices at many organizations. But they also present a minefield of security risks for the growing number of organizations using the technology to ...

Rust on Android goes bare metal: 3 key mobile security benefits
A milestone in the software industry's move toward safer programming languages was reached last week with Google's announcement that it is extending the use of Rust into bare-metal Android environments ...

The evolution of app sec: Getting off the scan-and-fix hamster wheel remains elusive
Over the last 20 years, cybersecurity has changed a lot, but one thing has remained resistant to change: scanning resources for defects and fixing them. Now may be the time to hop ...

The art of security chaos engineering
One truism of the cybersecurity world is that attackers have a much easier job than defenders. Malicious cyber actors only need to find a single weak point in the IT armor defending ...