Cybersecurity supply chain risk management predictions for 2025
Thursday, January 16, 2025 by Austin Harris
DTS CEO and President Edward Tuorinsky shares his cybersecurity prediction for shaping the 2025 business landscape.
Cybersecurity in 2025 is like that party game where you whisper a phrase to the person next to you. One mistake is passed along to others, with funny outcomes. The stakes are higher, and the results are less amusing when data breaches or hacks travel al...
API Security Perspectives 2025 report from Kong Inc
Monday, December 30, 2024 by Richard Harris
Kong Inc. released findings from their API Security Perspectives 2025: AI-Enhanced Threats and API Security Report which highlights today’s API security landscape and how new developments in AI will impact it. Most notably, 25% of respondents have encountered AI-enhanced security threats related to APIs or LLMs, with 75% of respondents expressing serious concern a...
GenAI cybersecurity assistant lands from IBM
Friday, August 16, 2024 by Freeman Lightner
IBM recently announced the introduction of generative AI capabilities to its managed Threat Detection and Response Services utilized by IBM Consulting analysts to advance and streamline security operations for clients. Built on IBM's watsonx data and AI platform, the new IBM Consulting Cybersecurity Assistant is designed to accelerate and improve the identification,...
Veracode acquires Longbow Security
Thursday, April 18, 2024 by Freeman Lightner
Veracode announced the acquisition of Longbow Security, a security risk management platform for cloud-native environments. The acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations effectively manage and reduce application risk across the growing attack surface.
The integration of Longbow in...
ASPM 2024 report from Cycode
Friday, December 15, 2023 by Richard Harris
Cycode announced the release of its inaugural State of ASPM 2024 report. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. Surprisingly, 77% of CISOs believe software supply ch...
API security risks report exposes Netflix and Wordpress
Monday, November 27, 2023 by Richard Harris
Wallarm, the end-to-end API and app security company, announced the release of its Q3-2023 Wallarm API ThreatStats report. The quarterly report details the surge in threats centered around APIs and uncovers critical vulnerabilities, like injections and API data leaks, that have recently impacted leading firms, including Netflix, VMware, and SAP.
The new report i...
AppSec 2023 predictions from Oxeye Security
Wednesday, February 8, 2023 by Freeman Lightner
Oxeye, the provider of award-winning cloud-native application security, announced five predictions expected to shape enterprise security spending in 2023. The predictions follow industry-wide research which shows the industry is shifting away from legacy software infrastructure and standardizing on cloud-native applications resulting in the need for new and more ef...
Zero trust policies for software releases could be key
Thursday, December 8, 2022 by Gopinath Rebala
Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...
Traceable AI and ArmorCode integration
Wednesday, August 24, 2022 by Brittany Hainzinger
ArmorCode has announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud.
To move at the speed of business, modern applications are increasingly powered by APIs to deliver functionality. The challenge is that each new API must be secured and as the number of APIs in...
Automation software platform acquired by Perforce Software
Wednesday, April 13, 2022 by Brittany Hainzinger
Perforce Software announced that it has signed a definitive agreement to acquire Puppet, an infrastructure automation software platform that enables users to deliver, update, monitor, and secure software across physical and virtual machines. The financial terms of the transaction were not disclosed.
By increasing productivity, eliminating mistakes, enhancing security...
PKI Spotlight security solution launches
Wednesday, April 6, 2022 by Freeman Lightner
PKI Solutions announced the introduction of PKI Spotlight, an industry solution that provides real-time monitoring and alerting of the availability, configuration, and security of all organizations' PKI environments, all consolidated into one easy-to-use dashboard. PKI is a foundational technology for almost every identity and data encryption solution...
Vanta launches Automated ISO 27001 Certification and HIPAA Compliance
Tuesday, July 13, 2021 by Brittany Hainzinger
Vanta announced public availability for two new certification standards that help secure the internet and protect consumer data. Vanta provides automated compliance audits and continuous security monitoring through a robust SaaS platform, enabling companies to achieve industry standardization in weeks instead of months.
The rise of data leaks and privacy concerns hav...
Docker desktop for Mac is now available from Docker Inc
Thursday, April 15, 2021 by Brittany Hainzinger
Docker, Inc.™ announced general availability of its much-anticipated Docker Desktop for Mac, enabling developers to leverage the advantages of the latest Macs powered by the M1 chip and extending the reach of their Docker collaborative application development platform to a new architecture.
“This is great news for the many developers who have been clamori...
Sonatype implements Applitools to ensure app quality
Friday, March 12, 2021 by Brittany Hainzinger
Sonatype was in search of a solution to prevent visual bugs across the variety of operating systems and browsers supported by the Nexus platform.
After implementing Applitools, the engineering team can solely focus on delivering value, while Applitools uncovers countless unexpected changes before code ever leaves development.
Moving forward, Sonatype will deploy a...
Hybrid cloud services general availability announced by IBM
Tuesday, March 2, 2021 by Brittany Hainzinger
IBM announced that its hybrid cloud services are now generally available in any environment -- on any cloud, on premises or at the edge -- via IBM Cloud Satellite. Lumen Technologies and IBM have integrated IBM Cloud Satellite with the Lumen edge platform to enable clients to harness hybrid cloud services in near real-time and build innovative solutions at the edge.
...
LinearB and Clubhouse partner to help software project delivery
Tuesday, February 16, 2021 by Richard Harris
LinearB and Clubhouse announced a partnership to help software development teams continuously improve project delivery by providing a complete picture of product and engineering lifecycles. Technical integration between the products will offer dev teams detailed project visibility and team-based metrics by correlating data across projects, code, Git activity and release...
Improving security posture with static application security testing
Friday, February 12, 2021 by Tim Jarrett
Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...
GitLab acquires Peach Tech and Fuzzit
Friday, June 12, 2020 by Brittany Hainzinger
GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...
How gamifying security improves cooperation with developers
Monday, May 11, 2020 by Ante Gulam
Scaling security across development challenges the most seasoned professionals. Regardless of company size or industry, risks can no longer be comfortably managed across an organization as a centralized function. Security leaders need people in other departments to understand risks and help their teams remediate and reduce them for security to be successful. Last month,...
Zero Trust platform from Pulse Secure is enhanced
Tuesday, October 29, 2019 by Richard Harris
Pulse Secure announced that it has introduced new Secure Access management and threat mitigation capabilities within its Zero Trust Network Access platform. Through these enhancements, Pulse Secure enables enterprise and service provider organizations to progress Zero Trust security and mitigate hybrid IT risks while simplifying access to multi-cloud and data center res...
Build applications at speed with Cohesity Agile Dev
Thursday, September 12, 2019 by Freeman Lightner
Cohesity has announced the launch of Cohesity Agile Dev and Test, a new solution that addresses key bottlenecks organizations face in building applications at speed. It moves away from the request-fulfill model where developers request access to production-grade data and wait sometimes weeks for IT operations teams to provide the data needed to build...
Zero latency apps gets closer to reality thanks to Redis Labs
Tuesday, November 20, 2018 by Richard Harris
Complex technologies like a self-driving car take in huge amounts of data from its environment, processing it and make appropriate decisions on how to respond within a few milliseconds. This is the kind of zero latency future Redis Labs is enabling, and they announced at Redis Day London, the latest release of Redis Enterprise with two key functionalities: Red...
Netskope unifies enterprise cloud and web security
Thursday, April 5, 2018 by Austin Harris
Netskope has announced the general availability of Netskope for Web, an expansion of the Netskope Cloud Security platform that enables safe web use for enterprise organizations. Powered by the same cloud-native architecture and patented Cloud XD technology of the award-winning and market-leading Netskope cloud access security broker (CASB), Netskope for Web uniquely und...
Sonatype expands firewall to stop dev vulnerabilities
Friday, March 9, 2018 by Austin Harris
Sonatype has announced that the Nexus Firewall is now available to support the more than 10 million developers currently using the open source version of Nexus Repository. Previously only available to commercial users of Nexus Repository Pro, the newest version of Nexus Firewall gives all Nexus Repo users the ability to automatically stop vulnerable open source componen...
Puppet partners with Amazon Web Services for agile cloud migration
Wednesday, November 22, 2017 by Richard Harris
Puppet announced a new collaboration with Amazon Web Services (AWS), which includes the launch of AWS OpsWorks for Puppet Enterprise, a new, fully-managed Puppet Master. This new solution empowers customers with a complete automation strategy for operating at scale, while providing them with the agility and flexibility of the cloud.In order to successfully operate and s...
Apperian announces new security capabilities
Monday, July 3, 2017 by Richard Harris
Apperian, an Arxan company and provider of mobile application management (MAM) and security solutions, has announced several platform enhancements, which increase the security of enterprise mobile app data. These updates take advantage of native device capabilities, multiple industry protocols and additional password controls, to provide a solution for distributing secu...
IBM Watson for cyber security has cognitive skills
Monday, February 13, 2017 by Richard Harris
According to IBM research, security teams sift through more than 200,000 security events per day on average, leading to over 20,000 hours per year wasted chasing false positives. The need to introduce cognitive technologies into security operations centers will be critical to keep up with the anticipated doubling of security incidents over the next five years and increa...
8 cyber security predictions for what's to come in AsiaPacific
Thursday, December 29, 2016 by Austin Harris
Cyber security received heightened interest in 2016 due to a spate of cyber attacks in the region. These included cyber attacks on the database of 55 million voters at the Philippines Commission on Elections (COMELEC), the National Payment Corporation of India (NPCI), US$81 million cyber heist at the Bangladesh Central Bank and the massive data leaks as shown by the Yah...
Virtual Desktop Infrastructure: The way forward in government mobility
Monday, November 28, 2016 by Edris Amiryar
Advances in technology are rapid and can be hard to keep up with, especially for large organizations. The federal government relies heavily on IT to accomplish its tasks and there is increasing demand for access to information from any location, in any geography, meaning that for federal agencies, improved mobility and mobile data security are imperative for m...
Intel Security Enhances Unified Defense Architecture
Thursday, November 3, 2016 by Richard Harris
Intel Security has announced an enhanced unified defense architecture designed to empower organizations to more effectively protect a new digital economy of trust, time and money. No longer is our economy a physical one, but one of connected networks and systems where cybercriminals have put us on the defensive. This new second economy, has put us in a world where ...
New research shows that using advanced security drives new business growth
Wednesday, October 12, 2016 by Austin Harris
A global study from CA Technologies revealed that organizations are measuring the success of IT security beyond just breaches and compliance; they now are including business performance indicators that contribute directly to revenue growth. The study, The Security Imperative: Driving Business Growth in the App Economy, polled 1,770 senior business and IT executives, inc...
Checkmarx Tells Us Why App Developers Should Care About App Security
Thursday, August 18, 2016 by Richard Harris
We recently had a conversation with Emmanuel Benzaquen at Checkmarx to talk about how they are able to scrutinize code with a fine-toothed comb and find vulnerabilities early and why other developers need to be doing the same. With clients such as Coca-Cola, SAP, and Salesforce, they seem to be carving out a niche for application security in the crowded tech-s...
IBM Security Channels Its Inner XMen with Launch of IBM XForce Red Security Division
Friday, August 5, 2016 by Stuart Parkerson
Someone in charge of naming divisions at IBM must have been a big Sci-Fi fan as is evidenced with IBM Security’s name for the a news security task force - IBM X-Force Red. Yep, that’s the name for a new group of IBM security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software...
Twistlock Offers Small Development Firms Free Version of its Container Security Suite
Friday, February 19, 2016 by Stuart Parkerson
Twistlock is releasing a free version of its signature Container Security Suite that is aimed at providing individual developers and small organizations with the ability to try out containerization. The free “Developer’s Edition” is designed to help individual developers or small companies that are just getting started with container technologies. It opens up the i...
Using Continuous Intelligence for Real Time Machine Data Analytics
Tuesday, February 9, 2016 by Richard Harris
The sophistication of business analytics continues to grow exponentially as companies introduce more robust and advanced analytics solutions. One such company is Sumo Logic, which offers a SaaS-based log analytics platform which analyzes terabytes of data in real-time.We visited with Christian Beedgen, Sumo Logic’s CTO, to learn about his company’s “Continuous Intellige...