shift left
Threat Modeling with AI: A Developer-Driven Boon for Enterprise Security
Matias Madou | | AI tooling, AI-assisted threat modeling, AppSec collaboration, Attack Surface, Automation, continuous threat modeling, developer upskilling, developer-centric security, developers in security, governance, IDE integration, iot threats, LLMs in security, pattern recognition, proactive resilience, risk tooling, scalable defenses, Secure Coding, Security Culture, security proficiency, shift left, Supply Chain Risk, Threat Modeling, traceability, Vulnerability Remediation
For companies running a modern, adaptive and defense-centered security program, threat modeling is not a new concept. In fact, it’s one of the core tenets of preventative cybersecurity best practices. Being able ...
Security Boulevard
Shift Left Has Shifted Wrong: Why AppSec Teams – Not Developers – Must Lead Security in the Age of AI Coding
Bruce Fram | | agent-managed development, AI coding assistants, AI Generated Code, Application Security, AppSec, automated remediation, broad shift left, CI/CD Security, CISO, Compliance, DAST, developer experience, DevSecOps, false positives, narrow shift left, pull-request fixes, SAST, Secure Development, security automation engineers, Security Triage, shift left, vulnerability backlog, Vulnerability Remediation
Narrow “shift left” has failed at AI scale. Move from developer-led fixes to AppSec-managed automation that triages findings and delivers tested pull-request fixes so teams can safely manage AI-generated code ...
Security Boulevard
Sonatype Named DevOps Dozen Winner for Best DevSecOps Solution
Sonatype | | AI, Artificial Intelligence, awards, DEVOPS, DevOps Dozen, DevSecOps, shift left, Software Composition Analysis
The DevOps landscape is changing faster than ever. As organizations race to deliver software at speed, they're also inheriting a new class of risk — one driven by open source sprawl, AI-generated ...
Securing AI-Generated Code in Enterprise Applications: The New Frontier for AppSec Teams
Bala Thripura Akasam | | AI code governance, AI Generated Code, AI security tools, AI vulnerabilities, AI-assisted development, Application Security, Business Logic Vulnerabilities, code provenance, DAST, developer training, DevSecOps, Fuzz Testing, LLM risks, logic flaws, runtime instrumentation, SAST, secure AI usage, Secure Coding, Secure SDLC, security copilots, shadow code, shift left, software assurance, think-wide
AI-generated code is reshaping software development and introducing new security risks. Organizations must strengthen governance, expand testing and train developers to ensure AI-assisted coding remains secure and compliant ...
Security Boulevard
Future-Proofing Your Software Supply Chain with SCA Best Practices
Aaron Linskens | | Application Security, Automation, open source, open source risk, open source risk management, shift left, Software Composition Analysis
Open source software (OSS) is the backbone of modern software development, empowering industries from finance and healthcare to government and technology to innovate faster and reduce costs. However, this widespread adoption brings ...
How SBOMs drive a smarter SCA strategy
Aaron Linskens | | SBOM, SBOM Manager, secure software supply chain, shift left, Software Composition Analysis
Modern software is largely assembled from open source components, constituting up to 90% of today's codebases. Managing the security and compliance risks associated with this external code is no longer optional — ...
Will the FDA Start Banning Chinese-Made Medical Devices?
Deb Radcliff | | CodeSentry, Cyber Security, SAST, SBOM, shift left, software supply chain, TalkSecure Blog
Interview with Joe Silvia, CEO of MedWare Cyber. In late January, the FDA issued a safety warning on Contec CMS8000 patient monitors and those relabeled as MN-120. The ...
Application security trends: Shift-left security, AI, and open source malware
Software is at the heart of business operations across most industries, which means application security has never been more critical. However, as organizations embrace cloud-native architectures, microservices, and open source components, the ...
Everything While Training: Lessons on C and C++ Secure Coding Practices with Tanya Janca
Deb Radcliff | | CodeSentry, Cyber Security, SAST, SBOM, shift left, software supply chain, TalkSecure Blog
In this show, we speak with Tanya Janca, aka SheHacksPurple, a renowned code security trainer with nearly 30 years of experience in application development, engineering, and testing ...
U.S. Bans Software and Firmware Products From Adversarial Countries
Deb Radcliff | | CodeSentry, Cyber Security, SAST, SBOM, shift left, software supply chain, TalkSecure Blog
In January 2024, U.S. law went into effect that would ban smart cars with Russian and Chinese technology and protect the vehicle supply chain due to concerns about the privacy of consumer ...

