vulnerabilities

vulnerabilities news search results

Developer news items we found relating to vulnerabilities

35 results
Faster-customer-integrations-from-HackerOne

Faster customer integrations from HackerOne


Thursday, July 29, 2021 by

Tray.io has announced that HackerOne is using Tray Embedded to develop and deliver powerful customer integrations at scale. With Tray Embedded, HackerOne quadrupled its integration delivery speed to maximize developer efficiency and reduce the integration maintenance burden. Armed with seamless integrations, HackerOne customers can spend less time context-switching...


Cyvatar-raises-9-million-for-cybersecurity-as-a-service-model

Cyvatar raises 9 million for cybersecurity as a service model


Monday, June 21, 2021 by

Cyvatar announced that it has raised $9 million as part of its Series A financing to help scale and serve its rapidly growing customer base and continue to drive the adoption of its innovative cybersecurity-as-a-service (CSaaS) model. Cyvatar raises 9 million for cybersecurity as a service model Escalating cybersecurity breaches and the need to addr...


Compliance-automation-will-take-center-stage-this-year

Compliance automation will take center stage this year


Wednesday, May 26, 2021 by

Compliance automation uses artificial intelligence features and technology to make compliance procedures easier - according to most sources on the web, about the meaning of compliance automation.  Progress Software CEO Yogesh Gupta says with smart companies turning to a compliance-as-code approach to keep infrastructure, apps, and end-user devices secure and com...


Not-all-security-vulnerabilities-are-created-equal

Not all security vulnerabilities are created equal


Tuesday, May 25, 2021 by

Applications are the heart of employee and user productivity. There are billions of applications each with a specific function, value and, unfortunately, they also provide one of the easiest openings for cybercriminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the concept o...


Six-areas-of-focus-for-continuous-security

Six areas of focus for continuous security


Friday, April 16, 2021 by

Applications are the heart of employee and user productivity. There are billions of applications each with a specific function and value and, unfortunately, they also provide one of the easiest openings for cyber criminals and hackers to gain access to critical IT infrastructure and information assets. While most IT security professionals implicitly understand the conce...


Improving-security-posture-with-static-application-security-testing-

Improving security posture with static application security testing


Friday, February 12, 2021 by

Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...


Security-and-reliability-become-one-for-APIs-in-2021

Security and reliability become one for APIs in 2021


Tuesday, January 19, 2021 by

Reliability -- especially for APIs -- is growing because our reliance on APIs is growing, while at the same time how we develop software has changed. Modern software stacks are written as a collection of microservices, with each service written in a type-safe language that better guards against low-hanging vulnerabilities. However, it also makes reasoning about how...


How-DevOps-will-change-in-2021

How DevOps will change in 2021


Saturday, January 9, 2021 by

DevOps will become much more security-aware. We’ll see greater attention paid to the newly expanded surface area created in the practice of DevOps and how to proactively protect against vulnerabilities in DevOps. How DevOps will change in 2021 and the Impact from it First, IT Ops and DevOps teams will need to reorient their processes to one that unifies...


Continuous-delivery-will-no-longer-be-an-acceptable-excuse-in-2021

Continuous delivery will no longer be an acceptable excuse in 2021


Tuesday, January 5, 2021 by

2021 will see a shift from the speed of delivery of software and applications to prioritizing the quality of the digital experience. Continuous delivery will no longer be an acceptable excuse for low quality. The approach of just release it, and if there are problems, we'll fix it in the next release will be retired. In our digitally dependent world, users will no l...


5-mistakes-businesses-make-in-application-development

5 mistakes businesses make in application development


Friday, October 23, 2020 by

5 Mistakes Businesses Make While Prioritizing Speed Over Security in Application Development Earlier this year, the Democratic party in Iowa announced its plans to use a smartphone app to calculate and transmit their caucus results. One would think that by using technology to improve the speed of governance, what could possibly go wrong? A lot, apparently. The a...


Trump-and-Biden-app-vulnerabilities-raise-concern

Trump and Biden app vulnerabilities raise concern


Thursday, October 22, 2020 by

With election season upon us, the US population is being inundated by candidate and proposition propaganda from a variety of sources – including television, the US mail, and mobile device apps. As annoying as this flood of information is at times, it’s important to understand that when it comes to these popular apps, and in fact all apps, if certain security...


HackNotice-announces-threat-intelligence-platform

HackNotice announces threat intelligence platform


Friday, September 18, 2020 by

HackNotice announced the launch of HackNotice Teams, a cybersecurity management platform powered by actionable threat intelligence and an industry solution to foster a company-wide culture of security. Built on HackNotice Premium’s technology, HackNotice Teams scours the dark web to alert employees of vulnerabilities, compromised information, and data breaches in ...


Being-careful-about-3rd-party-APIs

Being careful about 3rd party APIs


Monday, August 24, 2020 by

Over the past couple of years, we’ve seen a marked shift in the nature of API traffic from being largely driven by human actions to be increasingly machine-driven. While it used to take a human to click something on a website to trigger an API call and response, there are now sites and apps where upwards of 98% of total traffic is the result of bots -- some legiti...


GitLab-acquires-Peach-Tech-and-Fuzzit

GitLab acquires Peach Tech and Fuzzit


Friday, June 12, 2020 by

GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...


Docker-and-Snyk-partner-to-deliver-container-vulnerability-scanning

Docker and Snyk partner to deliver container vulnerability scanning


Wednesday, May 20, 2020 by

Docker has partnered with Snyk to deliver native vulnerability scanning of container images in Docker. Together, Docker and Snyk will provide a streamlined workflow that makes the application development process more secure for millions of developers, allowing them to more quickly and confidently build secure applications as an automated part of their toolchain. ...


Fourth-annual-DevSecOps-survey-from-Gitlab

Fourth annual DevSecOps survey from Gitlab


Monday, May 18, 2020 by

GitLab released the results of its fourth annual DevSecOps survey uncovering how roles across software development teams have changed as more teams adopt DevOps. The survey of over 3,650 respondents from 21 countries worldwide found that rising rates of DevOps adoption and implementation of new tools has led to sweeping changes in job functions, tool choices and or...


How-gamifying-security-improves-cooperation-with-developers

How gamifying security improves cooperation with developers


Monday, May 11, 2020 by

Scaling security across development challenges the most seasoned professionals. Regardless of company size or industry, risks can no longer be comfortably managed across an organization as a centralized function. Security leaders need people in other departments to understand risks and help their teams remediate and reduce them for security to be successful. Last month,...


Improve-DevOps-processes-with-API-catalog

Improve DevOps processes with API catalog


Thursday, March 26, 2020 by

One of the biggest trends in DevOps is the “shift left” approach when it comes to security, so much so that security conferences now host developer days, developer conferences host security days, and the two have melded into DevSecOps. But pragmatically, how do you implement security earlier into your development cycles? According to CloudVector VP of Engine...


Container-runtime-scanning-open-source-software-launched-by-Portshift

Container runtime scanning open source software launched by Portshift


Thursday, March 26, 2020 by

Portshift introduced Kubei Open Source container scanning software. Kubei is a unique open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments. Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes info...


MyPrivacy-app-has-officially-launched

MyPrivacy app has officially launched


Tuesday, March 3, 2020 by

MyPrivacy has officially launched. The breakthrough product, which was built to make privacy vulnerabilities easy to manage for the average user, is a one-stop app that offers a VPN, App Lock, Password Manager, Private Browser, Photo Vault, and Social Permissions Manager sharing a simple, user-friendly platform. The app has already been downloaded over 300,000 since ...


Iowa-caucus-app-woes-from-a-developer-perspective

Iowa caucus app woes from a developer perspective


Friday, February 21, 2020 by

Whether the issues behind the Iowa Democratic Caucus app debacle were specific to UX, connectivity, traffic, or just good ol’ fashioned reluctance to embrace the technology, the ramifications of this mess will be felt for a long time – the hanging chad of the new decade. So are apps out? Absolutely not, but things are going to have to change. Applications...


Linux-and-LISH-release-census-for-open-source-security

Linux and LISH release census for open source security


Wednesday, February 19, 2020 by

The Linux Foundation’s Core Infrastructure Initiative (CII) and the Laboratory for Innovation Science at Harvard (LISH), announced the release of ‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software. This Census II analysis and report represent important steps towards understanding and addressing structural and s...


Dangers-of-quantum-hacking

Dangers of quantum hacking


Tuesday, February 11, 2020 by

Active Cypher has built a password-hacking quantum computer to demonstrate the dangers of quantum hacking. Using $600 worth of hardware parts easily purchased online or at a local electronics store, Active Cypher’s founder and CTO, Dan Gleason, created a portable quantum computer dubbed QUBY (named after qubits, the basic unit of quantum information). QUBY runs...


Microsoft-DART-team-tracks-77k-active-web-shells

Microsoft DART team tracks 77k active web shells


Thursday, February 6, 2020 by

In a blog post promoting the capabilities of its commercial security platform, Microsoft said that on a daily basis the company's security team detects and tracks on average around 77,000 active web shells, spread across 46,000 infected servers. According to ZDNet, these numbers are staggering, since the 77,000 figure is far larger than any previous reports about...


Best-Practices-for-Kubernetes-deployments-from-Portshift

Best Practices for Kubernetes deployments from Portshift


Monday, January 27, 2020 by

Portshift presents five security best practices for DevOps and development professionals managing Kubernetes deployments. Integrating these security measures into the CI/CD pipeline will assist organizations in the detection and remediation of security issues earlier in the development process, allowing faster and shorter cycles while assuring safe and secure deployment...


Booz-Allen-introduces-Modzy-AI-platform

Booz Allen introduces Modzy AI platform


Monday, November 11, 2019 by

Booz Allen combined its deep domain and technical expertise in complex AI engagements with leading AI software companies to introduce Modzy, an enterprise AI software product designed for rapid deployment, management, and governance of AI models at scale. Modzy is an AI platform and marketplace with embedded security, adversarial defense, and governance to operationa...


Evolve-VM-showcasing-at-Microsoft-Ignite

Evolve VM showcasing at Microsoft Ignite


Thursday, November 7, 2019 by

Adaptiva announced that it will showcase Evolve VM at Microsoft Ignite. This groundbreaking, complete vulnerability life cycle product automatically assesses endpoints for thousands of vulnerability, compliance, and health issues and instantly remediates them as soon as they are detected. Utilizing NIST's National Vulnerability Database and National Checklist Progra...


IBM

IBM's z15 launches with Data Privacy Passports


Friday, September 13, 2019 by

Against a backdrop of global privacy breaches, with the cost of each security breach in the U.S. clocking in on avg $8.2 million, IBM launched "z15", the enterprise platform that delivers the ability to fully manage the privacy of customer data across hybrid and multi-cloud environments. As part of the launch, IBM is announcing Data Privacy Passports, ...


Zeroday-vulnerability-announced-byMcAfee-at-Defcon

Zeroday vulnerability announced byMcAfee at Defcon


Monday, August 19, 2019 by

At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system. The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...


Cloud-computing-security-report-2019-is-out-from-CSA

Cloud computing security report 2019 is out from CSA


Thursday, August 8, 2019 by

The Cloud Security Alliance (CSA) defines standards, certifications, and best practices to help ensure a secure cloud computing environment. The CSA has released "Top Threats to Cloud Computing: The Egregious Eleven", a report which re-examines the risks inherent with cloud security and takes a new approach, examining the problems inherent in configu...


Warnings-for-aircraft-cybersecurity

Warnings for aircraft cybersecurity


Thursday, August 1, 2019 by

The Department of Homeland Security issued a security alert for small planes, warning that modern flight systems are vulnerable to hacking if someone manages to gain physical access to the aircraft. Engine readings, compass data, altitude and other readings “could all be manipulated to provide false measurements to the pilot,” according to the DHS alert.&nbs...


Gitlab-12.0-released

Gitlab 12.0 released


Friday, June 28, 2019 by

GitLab is releasing 12.0 to help enterprises transform and accelerate DevOps adoption by bringing developers, operations professionals, and the security team together in the first single application for the entire DevSecOps lifecycle. With the 12.0 release, GitLab is building upon security features recently released - such as security dashboards, auto remediation and se...


Acronis-gives-developers-early-access-to-new-cyber-platform

Acronis gives developers early access to new cyber platform


Monday, April 29, 2019 by

Acronis announced the opening of its core platforms, enabling broad, third-party developer access to the Acronis Cyber Platform to encourage expanded functionality and application integrations while expanding their opportunities in Acronis’ large ecosystem. The Acronis Cyber Platform, which is the foundation of the company’s existing services, features a ...


WordPress-plugin-vulnerabilities-are-a-hackers-playground

WordPress plugin vulnerabilities are a hackers playground


Wednesday, April 10, 2019 by

What do TechCrunch, BBC America, PlayStation and MTV News all have in common? Each of their websites is powered by WordPress. Over 74.6 million, or roughly 30 percent, of the world’s websites, depend on WordPress to power their online platforms. Every second there are over six new WordPress.com posts and over 47,000 plugins, with the number growing daily. Wh...


API-security-testing-just-got-easier-with-42Crunch

API security testing just got easier with 42Crunch's new scanner


Thursday, March 21, 2019 by

42Crunch officially released the 42Crunch API Platform, an API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices. This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API d...