security testing

security testing news search results

Developer news items we found relating to security testing

35 results
Justin-Dolly-becomes-Chief-Security-Officer-at-Sauce-Labs

Justin Dolly becomes Chief Security Officer at Sauce Labs


Wednesday, February 12, 2020 by

Sauce Labs Inc. announced the appointment of Justin Dolly as chief security officer. A security industry veteran with more than 20 years of experience, Dolly will develop, implement, and enforce the company’s long-term security strategy, ensuring its customers have the highest level of protection to support their digital goals. The hiring of Dolly follows the rece...


API-contracts-at-the-heart-of-security-in-42Crunch-release

API contracts at the heart of security in 42Crunch release


Thursday, August 8, 2019 by

42Crunch, the creator of the industry's first API Firewall has released the API security platform with enhanced tools for developers to easily define security in OpenAPI contracts, enabling an agile DevSecOps experience, and providing full visibility into each individual API's security landscape. API security is complex and becomes a bottleneck wh...


DJI

DJI's Manifold 2 can make drones autonomous robots


Monday, June 3, 2019 by

DJI announced Manifold 2, an ultra-compact onboard supercomputer for DJI drones that enables the next-generation of autonomous aerial robotics solutions. With the additional compute capability of Manifold 2, users can process complex image data onboard the drone and get results immediately and can program drones to fly autonomously while identifying objects and avoiding...


Acronis-gives-developers-early-access-to-new-cyber-platform

Acronis gives developers early access to new cyber platform


Monday, April 29, 2019 by

Acronis announced the opening of its core platforms, enabling broad, third-party developer access to the Acronis Cyber Platform to encourage expanded functionality and application integrations while expanding their opportunities in Acronis’ large ecosystem. The Acronis Cyber Platform, which is the foundation of the company’s existing services, features a ...


Low-code-pros-and-cons

Low code pros and cons


Wednesday, April 17, 2019 by

If you are a coder - someone who can actually write source code for software development, you are probably tired of the constant barrage of emails from head-hunters wanting to snipe you from your current position. You are in demand my friend, very high demand in fact, and there is no sign of it slowing down. Developers are needed in every sector of the IT industry, but ...


API-security-testing-just-got-easier-with-42Crunch

API security testing just got easier with 42Crunch's new scanner


Thursday, March 21, 2019 by

42Crunch officially released the 42Crunch API Platform, an API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices. This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API d...


Just-Commit-says-GitLab

Just Commit says GitLab


Thursday, March 7, 2019 by

Nike’s “Just Do It” campaign has inspired athletes since 1988. Now, in 2019, GitLab draws on that mantra to motivate developers and create a lead employees to success. This year marks DevOps’ 10-year anniversary, and over the past 10 years the approach to the industry and culture has continued to change. However, one thing remains the same - you ...


IAST-supports-AppSec-efficiencies-while-cutting-costs-and-headaches

IAST supports AppSec efficiencies while cutting costs and headaches


Monday, November 26, 2018 by

It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....


How-the-reddit-security-breach-reminds-us-to-be-careful

How the reddit security breach reminds us to be careful


Monday, August 6, 2018 by

reddit recently disclosed in their announcements feed of a security breach into their system which the hacker "managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords." Include in the disclosed information was some reddit source code and some log files. They went on to sa...


What-some-experts-are-saying-about-GDPR

What some experts are saying about GDPR


Friday, May 18, 2018 by

The GDPR bill is causing an uproar in the industry as the compliance date comes ever nearer. Yet few can say they actually know much about the bill that will come into place on May 25th.GDPR, or the General Data Protection Regulation, is an expansion upon the EU’s previous Data Protection Act of 1998, extending the boundary of its territorial mandate from whatever juris...


Enterprises-need-a-software-security-program

Enterprises need a software security program


Tuesday, January 30, 2018 by

The answer to the “why” enterprises need a software security program question is pretty straightforward. There are no circumstances under which any but the smallest firms can expect a collection of independent activities - a pen test here, an hour of training there, some free tools that may or may not work as advertised - will consistently result in appropriately secure...


Most-cryptocurrency-mobile-apps-are-vulnerable

Most cryptocurrency mobile apps are vulnerable


Thursday, November 30, 2017 by

Over 1,300 crypto currencies exist today with over $300 Billion market capitalization. One of the most popular and oldest cryptocurrency - Bitcoin has almost reached $10,000 price after several months of fluctuation, but continuous and steady growth.A wide spectrum of mobile applications for cryptocurrencies were released during the last few years by various startups, i...


Rethinking-DevOps-as-DevSecOps

Rethinking DevOps as DevSecOps


Thursday, October 12, 2017 by

If you’re not already thinking right now that your DevOps teams should be run like a DevSecOps team, you may already be in a world of hurt. Time to wake up! As the adoption of APIs continues to grow, so do the risks to organizations that don’t actively test the security of their solutions. Modern Agile development frameworks have changed the way engineering teams produc...


Veracode-announced-two-new-key-integrations

Veracode announced two new key integrations


Friday, August 11, 2017 by

Veracode, a software security company acquired by CA Technologies, has announced the Veracode HPE Application Lifecycle Manager (ALM) Flaw Synchronizer Plug-in, which empowers development and QA/release engineers to fix security vulnerabilities early in the Software Development Lifecycle (SDLC). The company also announced an enhanced integration to the Veracode Applicat...


DevSecOps-will-help-security-and-developers-play-nice

DevSecOps will help security and developers play nice


Thursday, June 15, 2017 by

Veracode, a security software company acquired by CA Technologies, has announced the results of a study examining the relationships between application developers and security teams.The study, conducted in conjunction with Enterprise Strategy Group (ESG), shows that despite the pervasive belief that security and development teams have conflicting priorities, initiatives...


A-DevOps-framework-for-federal-customers

A DevOps framework for federal customers


Wednesday, May 17, 2017 by

Last Thursday, President Trump signed an executive order designed to strengthen the cybersecurity of federal networks including moving all federal IT systems to the cloud. The executive order also calls for effective risk management, which includes requiring planning so that maintenance, improvements and modernization occur in a coordinated way and with appropriate regu...


Improve-mobile-app-security-by-turning-it-into-code

Improve mobile app security by turning it into code


Monday, May 8, 2017 by

Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should als...


How-companies-can-keep-their-remote-teams-safe

How companies can keep their remote teams safe


Monday, April 3, 2017 by

If you hate bringing your work home with you, spare a thought for the 3.7 million Americans for whom home is the workplace.The telecommuter population is growing faster than the overall employee base, according to Global Workplace Analytics, and with half of all jobs deemed suitable for performing from home, it is a trend that is set to go on growing. Already, around a ...


Intentbased-mobile-app-security:-It

Intentbased mobile app security: It's harder than you think


Thursday, March 23, 2017 by

Recently, intent-based security has become a buzzword and a commonly used phrase in the developer community. However, this new wave of security is much more than just a catchphrase. The concept of intent-based security adds a new level of protection to applications in containerized environments, specifically by understanding what the app is intended to do and looking fo...


Canonical-collaborates-to-with-NXP-to-improve-IoT

Canonical collaborates to with NXP to improve IoT


Wednesday, March 22, 2017 by

NXP and Canonical have collaborated to port Ubuntu Core to the LS1043A, a quad-core SoC targeted at IoT gateways and networking equipment. With this combination, device manufacturers gain a platform with which to build high throughput IoT Gateways.Ubuntu Core has been used in a variety of devices from IoT Gateways to network equipment. IoT Gateways benefit from the wide...


ImmuniWeb-Mobile-launches-to-offer-better-mobile-security-testing

ImmuniWeb Mobile launches to offer better mobile security testing


Wednesday, March 15, 2017 by

High-Tech Bridge announces the launch of ImmuniWeb Mobile as part of ImmuniWeb Application Security Testing Platform. The new offering will provide comprehensive assessment of iOS and Android mobile applications, mobile infrastructure backend and data channel encryption. All ImmuniWeb Mobile packages are provided with a zero false-positives SLA. The mobile application s...


Veracode-sells-to-CA-Technologies-for-$614M

Veracode sells to CA Technologies for $614M


Wednesday, March 8, 2017 by

CA Technologies announced it has signed a definitive agreement to acquire Veracode, a company that is securing web, mobile and third-party applications across the software development lifecycle, for approximately $614 million in cash. The transaction is expected to close in the first quarter of fiscal year 2018, and is subject to customary closing conditions, including ...


Checkmarx-opens-beta-support-for-Scala-programming-language

Checkmarx opens beta support for Scala programming language


Wednesday, February 1, 2017 by

Checkmarx, an application security testing company, has announced open beta support of the Scala programming language. The new capability adds the ability to analyze and remediate security risks and vulnerabilities exposed in projects written using Scala code.The added capability not only allows the detection of vulnerabilities within Scala code, but also the ability to...


New-VS-plugin-from-Checkmarx-lets-DevOps-teams-to-rapidly-embed-security

New VS plugin from Checkmarx lets DevOps teams to rapidly embed security


Wednesday, November 16, 2016 by

Checkmarx just announced a new Checkmarx plugin for the Microsoft Visual Studio Team Services platform. The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development lifecycle (SDLC) without the delays traditionally caused by application security t...


What-happens-to-security-when-your-apps-go-to-the-cloud

What happens to security when your apps go to the cloud


Wednesday, November 9, 2016 by

When Marc Andreessen wrote, “software is eating the world,” he meant that every business is literally turning into software. The problem is that every line of code you write makes you easier to attack. Historically, we dealt with security by putting up walls and scanning. But the complexity of modern software environments has made these approaches ineffective ...


A-discussion-on-cloud-sandboxes-with-Quali

A discussion on cloud sandboxes with Quali's CMO Shashi Kiran


Monday, October 17, 2016 by

DevOps processes are used to accelerate the development of cloud applications, and sandboxes can help by providing actual replicas of production environments for developers to try out new code, or for test teams to get access to holistic real-world environments without the risk of harming a live production environment.  We recently had an interesting conversat...


Hewlett-Packard-Enterprise-Introduces-New-Application-Security-Solutions

Hewlett Packard Enterprise Introduces New Application Security Solutions


Monday, September 19, 2016 by

Hewlett Packard Enterprise (HPE) has introduced the HPE Fortify Ecosystem and Fortify on Demand (FoD) continuous application monitoring service. The online marketplace and service are designed to help organizations create secure applications by naturally integrating security testing processes and resources throughout the fast-paced software development lifecycle (SDLC)....


Checkmarx-Tells-Us-Why-App-Developers-Should-Care-About-App-Security

Checkmarx Tells Us Why App Developers Should Care About App Security


Thursday, August 18, 2016 by

We recently had a conversation with Emmanuel Benzaquen at Checkmarx to talk about how they are able to scrutinize code with a fine-toothed comb and find vulnerabilities early and why other developers need to be doing the same. With clients such as Coca-Cola, SAP, and Salesforce, they seem to be carving out a niche for application security in the crowded tech-s...


Quali-Tells-Us-What-the-Coolest-Thing-About-Sandboxing-Is

Quali Tells Us What the Coolest Thing About Sandboxing Is


Friday, August 12, 2016 by

Getting good quality software to the market fast is a big challenge, so we recently sat down with Joan Wrabetz, CTO of Quali to chat about Cloud Sandboxing, Community and the Hottest New Release for Full-Stack Application Environments.ADM: Tell me a little about Quali?Wrabetz: Quali is the leading provider of Cloud Sandboxes for automating the DevOps lifecycle. We give ...


Synopsys-Makes-Updates-to-its-Seeker-Runtime-Security-Analysis-Tool

Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool


Monday, August 8, 2016 by

Synopsys has released the latest version of its Seeker runtime security analysis solution. Seeker analyzes web application code and data flows at runtime using a technique known as an Interactive Application Security Testing (IAST), which detects and confirms exploitable security vulnerabilities and provides insight that allows developers to address their root causes. T...


IBM-Security-Channels-Its-Inner-XMen-with-Launch-of-IBM-XForce-Red-Security-Division

IBM Security Channels Its Inner XMen with Launch of IBM XForce Red Security Division


Friday, August 5, 2016 by

Someone in charge of naming divisions at IBM must have been a big Sci-Fi fan as is evidenced with IBM Security’s name for the a news security task force - IBM X-Force Red. Yep, that’s the name for a new group of IBM security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software...


Cloud-Security-Alliance-Issues-Mobile-Application-Security-Testing-Report

Cloud Security Alliance Issues Mobile Application Security Testing Report


Monday, August 1, 2016 by

The Cloud Security Alliance has released a new report surrounding its Mobile Application Security Testing Initiative. The purpose of the report is to provide the Alliance’s insight into building out a roadmap for establishing a more secure cloud ecosystem to protect mobile applications.The Alliance’s Mobile Application Security Testing (MAST) Initiative offers...


SmartBear-Adds-.NET-Framework-Functionality-to-Its-API-Testing-Framework

SmartBear Adds .NET Framework Functionality to Its API Testing Framework


Wednesday, July 27, 2016 by

SmartBear Software has announced that API developers using Visual Studio to build software using the open source .NET Framework can now utilize the SmartBear’s Ready! TestServer API testing framework.In April SmartBear announced similar support for Java developers using tools like Eclipse, IntelliJ and others. With the .Net announcement developers can now use the open s...


Testing-is-Like-the-Rodney-Dangerfield-of-DevOps--It-Gets-No-Respect

Testing is Like the Rodney Dangerfield of DevOps It Gets No Respect


Tuesday, June 14, 2016 by

When Joan Wrabetz, CTO of QualiSystems, reached out to discuss why “Test is like the Rodney Dangerfield of DevOps – it gets no respect”, I thought, “Ok, I’ll listen to that.” So here you go:ADM: So, you mentioned to me that “Test is like the Rodney Dangerfield of DevOps – it gets no respect”, but you also mention that in a recent Gartner survey, over 50% of respondents ...


WhiteHat-Web-Applications-Security-Statistics-Report-Highlights-Chronic-Vulnerabilities

WhiteHat Web Applications Security Statistics Report Highlights Chronic Vulnerabilities


Sunday, June 12, 2016 by

WhiteHat Security has released its eleventh annual Web Applications Security Statistics Report which was compiled using data collected from tens of thousands of websites to analyze vulnerabilities, remediation rates and risk levels. The report reveals that on average, the majority of web applications exhibit two or more serious vulnerabilities per application for every ...