Memory-safe languages and security by design: Key insights, lessons learned

For more than 50 years, software engineers have struggled with memory vulnerabilities, but it has only been in recent times that serious efforts have been undertaken to get a handle on the ...
NIST updates supply chain guidance: 3 ways to pump up your CI/CD security

The final version of guidelines to help organizations secure their software supply chain has been released by the National Institute of Standards and Technology (NIST). The document, "Strategies for the Integration of ...
Are AI development tools exposing your organization? 4 key considerations

Microsoft's soon-to-be-released GitHub Copilot Enterprise option will give organizations an enterprise-grade subscription plan for its AI-powered code-completion tool, which helps developers write code faster ...
The state of container security: 5 key steps to locking down your releases

Container technologies are rapidly transforming application development and deployment practices at many organizations. But they also present a minefield of security risks for the growing number of organizations using the technology to ...
Rust on Android goes bare metal: 3 key mobile security benefits

A milestone in the software industry's move toward safer programming languages was reached last week with Google's announcement that it is extending the use of Rust into bare-metal Android environments ...
The evolution of app sec: Getting off the scan-and-fix hamster wheel remains elusive

Over the last 20 years, cybersecurity has changed a lot, but one thing has remained resistant to change: scanning resources for defects and fixing them. Now may be the time to hop ...
The art of security chaos engineering

One truism of the cybersecurity world is that attackers have a much easier job than defenders. Malicious cyber actors only need to find a single weak point in the IT armor defending ...
Ken Buckler - The Human Side of Secure Coding

20 application security pros you should follow

Keeping current with the latest developments in application security can be challenging and time-consuming. One way to make it less so is to have a go-to list of active online application security ...