Microsoft misconfigurations expose millions of records globally
Monday, November 18, 2024 by Freeman Lightner
In September 2024, significant data exposure was discovered within Microsoft Power Pages, a low-code SaaS platform, due to misconfigured access controls. The exposure, which potentially affected millions of individuals, highlights the risks associated with excessive permissions granted to the platform's "Anonymous" and "Authenticated" user roles....
Impacts of AI revealed in TestRail report
Tuesday, October 15, 2024 by Richard Harris
TestRail announced its latest report, “Exploring the Impact of AI in QA.” Based on the QA industry’s first AI-focused research survey, this comprehensive report draws on insights from over 1,000 QA professionals and aims to cut through the hype surrounding artificial intelligence, offering a clear and accurate picture of how QA teams are adopting, plan...
Off-the-shelf intelligent automation beats custom ECM monitoring
Monday, October 14, 2024 by Austin Harris
The accumulation of digital information is overwhelming, and the reliance on increasing access must be recognized. The danger in this climate is that storage capacity can be quickly consumed if structured and unstructured data are not adequately managed. More storage can lead to more costs and complexity - especially regarding compliance mandates. On top of that, more t...
Vulnerabilities in Apple products alert
Monday, September 30, 2024 by Richard Harris
CERT-In has recently issued Advisory CIAD-2024-0046, highlighting multiple high-severity vulnerabilities in Apple products. The vulnerabilities affect a wide range of Apple software, including iOS versions prior to 18, iPadOS versions prior to 18, macOS Sonoma versions prior to 14.7, macOS Ventura versions prior to 13.7, and the upcoming macOS Sequoia versions prior to ...
6 step QA approach published by Info-Tech Research Group
Wednesday, September 4, 2024 by Richard Harris
As organizations integrate Agile, DevOps, automation, and AI into their development workflows, they encounter unique challenges in maintaining high software quality. To address these issues, Info-Tech Research Group has published a blueprint that provides actionable steps for consistently delivering exceptional software. The research emphasizes the need for IT leaders t...
Implement AI without data risks
Tuesday, September 3, 2024 by Richard Harris
The Gen AI bubble might not be growing as quickly as it was in 2023, but as adoption continues apace, organizations across the globe are still being caught out by outdated security protocols.
Tips to implement AI without data risks
To combat the risks associated with AI and to help more organizations take advantage of it, Andrew Smith, CISO for Kyocera Document So...
AI regulations in software development
Tuesday, August 27, 2024 by Richard Harris
AI is rapidly changing the software development field, making clear regulations essential to prevent risks like data breaches and ensure ethical practices. These regulations are also key to reshaping developer roles while preserving the need for human expertise.
The implementation of formal AI policies within companies is cri...
IT Assistant launches from Info-Tech Research Group
Tuesday, August 20, 2024 by Russ Scritchfield
Info-Tech Research Group has officially launched its chatbot, which is driven by generative artificial intelligence (Gen AI), "IT Assistant." The new feature provides seamless assistance on the firm's website to all of its members. IT Assistant offers an intuitive conversational interface that helps users discover precise and relevant research content and ...
Generative AI in Application Security report from Checkmarx
Monday, August 12, 2024 by Richard Harris
Checkmarx, the in-cloud-native application security provider, has published its Seven Steps to Safely Use Generative AI in Application Security report, which analyzes key concerns, usage patterns, and buying behaviors relating to the use of AI in enterprise application development. The global study exposed the tension between the need to empower both...
API Consumption Management report highlights
Wednesday, July 24, 2024 by Richard Harris
Lunar.Dev recently announced the release of its inaugural report, "The 2024 State of API Consumption Management." This report focuses on API consumption management and includes an in-depth analysis of current trends, challenges, and strategies involving over 200 companies in managing third-party APIs.
As companies increasingly use and rely on dive...
SaaS integration challenges explained by Prismatic
Wednesday, July 17, 2024 by Richard Harris
In this Q&A, we delve into the world of SaaS integrations with the CEO and co-founder of Prismatic Michael Zuercher. He shares valuable insights on the challenges companies face when implementing integrations, including security concerns, scaling difficulties, and the impact on core product development. Michael offers guidance on mitigating security risks and evalua...
Overcoming burnout in software QA with surfing
Friday, June 14, 2024 by Ramcham Floyd T. Gaid
Life has been changing and challenging as the future arises. Fear and anxiety are bringing risks to business owners, employees, and our families because of uncertainties of the future. With technologies evolving rapidly with AI and the Cloud, the Metaverse world becomes relevant in the near future. Life is supposed to be lived in happiness with a healthy lifestyle, ...
Social engineering takeover attacks are on the rise
Thursday, April 18, 2024 by Brittany Hainzinger
OpenSSF and the OpenJS Foundation (home to JavaScript projects used by billions of websites worldwide) are alerting open-source project maintainers of social engineering takeover attacks, following new attack attempts they’ve witnessed similar to the XZ Utils incident.
The OpenJS Cross Project Council received suspicious emails, imploring OpenJS to update one o...
ONCD asks software manufacturers to adopt memory safe languages
Tuesday, March 5, 2024 by Richard Harris
The White House Office of the National Cyber Director (ONCD) has released a new report asking software manufacturers to adopt memory-safe programming languages to help reduce vulnerabilities from entering the supply chain.
"For thirty-five years, memory safety vulnerabilities have plagued the digital ecosystem, but it doesn’t have to be this way. This repo...
Tom Brady NFT sale sparks warning to consumers from experts
Wednesday, February 28, 2024 by Freeman Lightner
An expert has warned those considering purchasing an NFT off the back of the Tom Brady $40.7k sale, as NFT marketplaces saw $38 million stolen by scammers last year.
The findings, pulled together by Smart Betting Guide, analyzed a database recording crypto scams and exploits to identify the most vulnerable platforms and blockchains over the last year - with NFT marke...
Top data predictions for 2024 from Alluxio
Thursday, February 8, 2024 by Richard Harris
Alluxio’s Founder and CEO Haoyuan (H.Y.) Li forecasts major developments in Artificial Intelligence (AI), cloud, data and analytics, devops and storage in 2024. Data strategies will continue to require solutions that enable enterprises to manage complex data across diverse sources, optimize performance, scale in hybrid/multi-cloud environments, and operate efficie...
Secure software development insights from The Linux Foundation
Monday, February 5, 2024 by Richard Harris
The Linux Foundation published a new report, Maintainer Perspectives on Open Source Software Security, based on a survey of OSS maintainers and core contributors, to understand perspectives on OSS security and the uptake and adoption of security best practices by maintainers, core contributors, end users, and other members of the OSS ecosystem.
Maintainer Perspective...
Red Hat Developer Hub is available now
Wednesday, January 24, 2024 by Richard Harris
Red Hat, Inc., the provider of open-source solutions, announced the general availability of Red Hat Developer Hub, an enterprise-grade internal developer platform (IDP) based on Backstage, an open-source Cloud Native Computing Foundation (CNCF) project. Featuring a self-service portal, standardized software templates, dynamic plug-in management, enterprise role-ba...
Software delivery lifecycle security predictions from OpsMx
Wednesday, December 20, 2023 by Richard Harris
Heading into 2024, enterprises face mounting security concerns related to data breaches, evolving privacy regulations, and their increasing reliance on the cloud and software service providers. As such, they are under increasing pressure to secure the software delivery lifecycle and better understand where the threats are coming from and what their vulnerabilities are. ...
AI cybersecurity impacts according to NetLib Security
Monday, December 18, 2023 by Richard Harris
This is an easy call to make: NetLib Security predicts that Artificial Intelligence - Generative AI - will continue to heavily impact the world of cybersecurity, upping the game for defensive players, while giving cybercriminals more tools on the offensive side.
2023 was a year in which AI seemed suddenly to be everywhere. Although AI is not a new field, ChatGPT and ...
ASPM 2024 report from Cycode
Friday, December 15, 2023 by Richard Harris
Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...
Full stack monitoring platform New Relic appoints new CEO
Tuesday, December 12, 2023 by Freeman Lightner
New Relic, the all-in-one observability platform for every engineer, announced that Ashan Willy has been appointed as their new Chief Executive Officer.
"I have long admired New Relic as a true pioneer in the observability market, and am honored to have the opportunity to lead the company as it embarks on the next phase of its journey. The opportunity ahead of u...
Aragon OSx app launches on Arbitrum
Tuesday, December 12, 2023 by Richard Harris
Aragon has deployed its modular Aragon OSx DAO framework and no-code Aragon App on Arbitrum, opening the door for DAOs to interact with a thriving ecosystem of protocols, applications, and assets. Arbitrum’s rollup technology serves as a gateway to the largest Layer 1 ecosystem - Ethereum - and Aragon’s user-friendly tech stack unlocks the mass adoption of D...
API security risks report exposes Netflix and WordPress
Monday, November 27, 2023 by Richard Harris
Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP.
The new report i...
Red Hat AI revealed at KubeCon 2023
Friday, November 10, 2023 by Richard Harris
At KubeCon 2023 Red Hat made a number of announcements for its hybrid cloud portfolio, including the general availability of Red Hat Device Edge and Red Hat OpenShift 4.14; new certified plug-ins for the Backstage community; and Red Hat’s vision for AI and automation.
Red Hat Device Edge is now generally available
Red Hat Device Edge aggregates an enterprise...
Kubernetes data collection feature released from Sumo Logic
Friday, November 10, 2023 by Freeman Lightner
Sumo Logic, the SaaS log analytics platform, announced the availability of its HELM Chart V4 feature to fully unify data collection as part of its continued commitment to OpenTelemetry (OTel). Organizations can now package, configure, and deploy applications and services on Kubernetes clusters with OpenTelemetry as a default to simplify the collection of metrics, events...
You can now use Google Cloud's BigQuery with Velotix
Monday, October 30, 2023 by Richard Harris
Velotix announced an integration with Google Cloud’s BigQuery, a serverless enterprise data warehouse, to provide AI-driven data protection and access management for sensitive data stored in Google Cloud. The Velotix data security platform governs and controls compliant access to data throughout the data access lifecycle to provide maximum data utilization wi...
Kubernetes optimizations land from PerfectScale
Wednesday, October 25, 2023 by Richard Harris
PerfectScale announced that they have successfully closed $7.1 million in seed funding, led by Blumberg Capital with participation from Upwest, Prelude Ventures, K2 Access Fund, Inner Loop Capital, Triangle Tweener Fund, and Firestreak Ventures. The latest investment brings the company’s total funding to nearly $10 million, since its founding in March, 2022.
Wi...
App security threat report results from Digital.ai
Thursday, October 19, 2023 by Richard Harris
Digital.ai announced the results of its 1st annual Application Security Threat Report, illuminating and quantifying the risks to applications in the wild. The results reveal that 57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) the most likely to be attacked. The study found no correlation between an app’s popularity and likelihood o...
Will AI take your programming job
Wednesday, October 4, 2023 by Freeman Lightner
Some of you might be wondering, is your coding job under threat from AI? It's a question that a lot of programmers are talking about, so we conducted an in-depth analysis on its effects on programming jobs to get a concrete answer. Our results revealed how artificial intelligence is influencing programming jobs, whether it is replacing programmers or changing ...
Detect hard coded secrets with new capabilities from Cycode
Thursday, August 10, 2023 by Freeman Lightner
Cycode announced the expansion of its hard-coded secrets detection in cloud-based workplaces, as well as a collaboration with Azure DevOps pipelines to ensure end-to-end supply chain integrity and a new IDE plug-in for seamless integration with VS Code.
Building upon its existing code-to-cloud coverage, Cycode now extends its secrets scanning capabilities to encompas...
AI dApp builder and blockchain land from Seneca
Wednesday, July 19, 2023 by Richard Harris
Seneca announces a series of product launches: full-scale application development within a decentralized environment. The platform unveiling and token presale signify a paradigm shift in data ownership and user autonomy.
As AI technology continues to evolve, the demand for personal data has grown exponentially. However, the adoption of these technologies faces challe...
Is Temu safe, legit, or dangerous: Perspective from an app developer
Wednesday, July 12, 2023 by Richard Harris
Temu is a shopping website and app chock-full of products from overseas at ridiculously dirt cheap prices. They have almost everything you can imagine too. From laser pointer slingshots to espresso makers, the entire ecosystem is built around keeping you shopping with a gamified experience, and it gets addicting quickly.
Some of the ADM staff have placed orders an...
Warning to app developers from dating app founder
Thursday, May 25, 2023 by Freeman Lightner
Leading consensual non-monogamy (CNM) app 3Fun is the victim of an attempted trademark infringement extortion plot that has included the temporary removal of the app from the iOS App Store. This unexpected disruption has greatly impacted 3Fun's business, as it loses new and current iOS users and risks losing its high ranking in the App Store.
The extortion plot ...
Financial and operational planning have a love hate relationship
Thursday, May 11, 2023 by Stephen Dombroski
For many business organizations, internal departments working independently of one another is the norm. This norm creates siloed day-to-day functions and rigid disconnects in processes. This is especially true when it comes to sales and operations planning (S&OP). Low-maturity organizations allow budgets to dictate operational planning, and medium-maturity organizat...