Tag: programming
-
Securing the Software Supply Chain: Checkmarx One Expands its Offerings
in SecurityNews
Tags: ai, container, detection, exploit, programming, software, strategy, supply-chain, threat, tool
The software supply chain is under siege. Threat actors increasingly exploit weaknesses in code repositories, dependencies and mismanaged secrets to infiltrate and disrupt software development processes. In response, organizations are turning to robust strategies to safeguard their supply chains, including tools like SCA scanning, AI and container security, secrets detection and repository health monitoring. Checkmarx’s..…
-
Overreliance on GenAI to develop software compromises security
in SecurityNews
GenAI is quickly changing the software development process by automating tasks that once took developers hours, if not days, to complete, bolstering efficiency and …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2024/11/20/genai-software-development-process-security/
-
Our commitment to you and an update on severity ratings for software quality
in SecurityNews
The speed of software development and product delivery is increasing for organizations everywhere including here at Sonar. In this blog, we decided to put our guiding engineering principles in writing and share them with you.
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/11/our-commitment-to-you-and-an-update-on-severity-ratings-for-software-quality/
-
PlatformEngineering.com: Strengthening Security in the Software Development Lifecycle
in SecurityNews
The Techstrong Group is thrilled to announce the launch of PlatformEngineering.com, a new platform dedicated to advancing the platform engineering discipline. This addition to the Techstrong family, including Security Boulevard, promises to be a critical resource for organizations seeking to enhance their software delivery pipelines while ensuring robust security measures. The Intersection of Platform Engineering…
-
Transforming Security: How SAST Enhances Your Secure Code Review Process?
in SecurityNews
Secure coding has become a critical aspect of software development, and the need for effective security testing is at an all-time high. Vulnerabilities in code can expose applications to serious threats, making early detection vital for maintaining security and performance. One powerful approach to achieving this is by implementing Static Application Security Testing (SAST) within……
-
How to Improve the Security of AI-Assisted Software Development
in SecurityNews
CISOs need an AI visibility and KPI plan that supports a just right balance to enable optimal security and productivity outcomes. The post How to Impr…
First seen on securityweek.com. Jump to article: www.securityweek.com/how-to-improve-the-security-of-ai-assisted-software-development/
-
We are joining forces with Google Cloud to accelerate AI and software development with privacy-first data solutions on Google Cloud Marketplace
in SecurityNews
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/we-are-joining-forces-with-google-cloud-to-accelerate-ai-and-software-development-with-privacy-first-data-solutions-on-google-cloud-marketplace/
-
Guest Essay: API security-related exposures rose steeply across all industries in Q3 2024
in SecurityNews
Application Programming Interfaces (APIs) have become the backbone of modern enterprises, facilitating seamless communication between both internal sy…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/guest-essay-api-security-related-exposures-rose-steeply-across-all-industries-in-q3-2024/
-
De-identifying Data for Software Development and Testing at Enterprise Scale
in SecurityNews
The business case for a modern test data generation platform, designed with the enterprise and the developer in mind, is clear. By streamlining the de…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/de-identifying-data-for-software-development-and-testing-at-enterprise-scale/
-
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
in SecurityNews
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart P…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
-
API Vulnerabilities Jump 21% in Third Quarter
in SecurityNews
Application programming interface (API) vulnerabilities surged 21% in the third quarter, with cloud-native infrastructure increasingly targeted by cyb…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/api-vulnerabilities-jump-21-in-third-quarter/
-
Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually
in SecurityNews
Organizations are losing between $94 – $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse b…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/10/vulnerable-apis-and-bot-attacks-costing.html
-
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
in SecurityNews
A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the ex…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/10/critical-apache-avro-sdk-flaw-allows.html
-
Open Source Package Entry Points May Lead to Supply Chain Attacks
in SecurityNews
Entry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks. The post Open Source Package E…
First seen on securityweek.com. Jump to article: www.securityweek.com/open-source-package-entry-points-may-lead-to-supply-chain-attacks/
-
India, Latin America, or Vietnam: Where Should You Outsource Software Development in 2024?
in SecurityNews
As global markets become more interconnected and businesses strive for agility and cost-efficiency, outsourcing software development has become a stra…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/india-latin-america-or-vietnam-where-should-you-outsource-software-development-in-2024/
-
Supply Chain Attacks Exploit Entry Points in Python, npm, and Open-Source Ecosystems
in SecurityNews
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart P…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
-
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
in SecurityNews
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, fina…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/10/5-actionable-steps-to-prevent-genai.html
-
Critical Apache Avro SDK RCE flaw impacts Java applications
in SecurityNews
A critical vulnerability in the Apache Avro Java Software Development Kit (SDK) could be exploited to execute arbitrary code on vulnerable instances. …
First seen on securityaffairs.com. Jump to article: securityaffairs.com/169469/security/apache-avro-java-sdk-critical-flaw.html
-
Akamai Embeds API Security Connector in CDN Platform
in SecurityNews
Akamai Technologies has made available at no extra cost a connector that makes it simpler for cybersecurity teams to discover application programming …
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/10/akamai-embeds-api-security-connector-in-cdn-platform/
-
Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 68%
in SecurityNews
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of me…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/09/googles-shift-to-rust-programming-cuts.html
-
Could APIs be the undoing of AI?
in SecurityNews
Application programming interfaces (APIs) are essential to how generative AI (GenAI) functions with agents (e.g., calling upon them for data). But the…
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2024/09/30/llm-issues/
-
The number of Android memory safety vulnerabilities has tumbled, and here’s why
in SecurityNews
Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2024/09/26/android-memory-safety-vulnerabilities/
-
Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
in SecurityNews
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of me…
First seen on thehackernews.com. Jump to article: thehackernews.com/2024/09/googles-shift-to-rust-programming-cuts.html
-
Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws
in SecurityNews
Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases. The post Google Pus…
First seen on securityweek.com. Jump to article: www.securityweek.com/google-pushes-rust-in-legacy-firmware-to-tackle-memory-safety-flaws/
-
The Hidden Costs of Progress: Navigating the Challenges of Upgrading from Spring Framework and Spring Boot EOL Versions
in SecurityNews
Software development is a fast-paced world where progress is both a blessing and a curse. The latest versions promise new features, improved performan…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/08/the-hidden-costs-of-progress-navigating-the-challenges-of-upgrading-from-spring-framework-and-spring-boot-eol-versions/
-
How to Choose an LLM in Software Development
in SecurityNews
With so many Large Language Models (LLMs) out there, selecting the right LLM is crucial for any organization looking to integrate AI into its operatio…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/08/how-to-choose-an-llm-in-software-development/
-
Survey Surfaces Growing SaaS Application Security Concerns
in SecurityNews
A survey of 300 application and software development, IT and security leaders finds nearly half (45%) working for organizations that, in the past year…
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2024/08/survey-surfaces-growing-saas-application-security-concerns/