vulnerability

vulnerability news search results

Developer news items we found relating to vulnerability

35 results
2021-Coding-Week-recap-from-industry-experts

2021 Coding Week recap from industry experts


Monday, September 20, 2021 by

National Coding Week takes place during September 13 - September 19 and it is a great time to engage everyone into coding in a fun and easy way. According to an article from National Today, "92 percent of executives believe American workers are not as skilled as they need to be." National Coding Week is a perfect opportunity for improving your coding skills to...


Faster-customer-integrations-from-HackerOne

Faster customer integrations from HackerOne


Thursday, July 29, 2021 by

Tray.io has announced that HackerOne is using Tray Embedded to develop and deliver powerful customer integrations at scale. With Tray Embedded, HackerOne quadrupled its integration delivery speed to maximize developer efficiency and reduce the integration maintenance burden. Armed with seamless integrations, HackerOne customers can spend less time context-switching...


Dev-Interrupted-Community-launched-by-LinearB

Dev Interrupted Community launched by LinearB


Wednesday, June 2, 2021 by

LinearB, the team behind Software Delivery Intelligence, has launched the “Dev Interrupted” community, which consists of a Discord community, podcast, newsletter, and events. As an engineering leadership community with over 1,000 discord members, Dev Interrupted brings the most forward thinking minds together to establish the future of daily continuous impro...


Docker-desktop-for-Mac-is-now-available-from-Docker-Inc

Docker desktop for Mac is now available from Docker Inc


Thursday, April 15, 2021 by

Docker, Inc.™ announced general availability of its much-anticipated Docker Desktop for Mac, enabling developers to leverage the advantages of the latest Macs powered by the M1 chip and extending the reach of their Docker collaborative application development platform to a new architecture. “This is great news for the many developers who have been clamori...


CircleCI-brings-privacy-enhancements-for-teams-across-the-enterprise

CircleCI brings privacy enhancements for teams across the enterprise


Monday, February 22, 2021 by

CircleCI introduced new platform updates to increase the control, protection, privacy, and confidence of today’s engineering teams.   Business leaders are concerned with the growth of remote-only and its impact on security. In fact, research shows 28 percent of leaders in 2020 were anticipated to prioritize improving application security capabilities ...


Improving-security-posture-with-static-application-security-testing-

Improving security posture with static application security testing


Friday, February 12, 2021 by

Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...


DevSecOps-will-go-mainstream-this-year

DevSecOps will go mainstream this year


Tuesday, January 26, 2021 by

Cybercriminals love Shadow Code exploits because hacking a commonly used library or service can place the malicious code on hundreds or thousands of websites. For example, the widely used jQuery JavaScript library has been breached multiple times, leading to digital skimming attacks broadly across the e-commerce sector. Adding jQuery to an application without ...


How-DevOps-will-change-in-2021

How DevOps will change in 2021


Saturday, January 9, 2021 by

DevOps will become much more security-aware. We’ll see greater attention paid to the newly expanded surface area created in the practice of DevOps and how to proactively protect against vulnerabilities in DevOps. How DevOps will change in 2021 and the Impact from it First, IT Ops and DevOps teams will need to reorient their processes to one that unifies...


Trump-and-Biden-app-vulnerabilities-raise-concern

Trump and Biden app vulnerabilities raise concern


Thursday, October 22, 2020 by

With election season upon us, the US population is being inundated by candidate and proposition propaganda from a variety of sources – including television, the US mail, and mobile device apps. As annoying as this flood of information is at times, it’s important to understand that when it comes to these popular apps, and in fact all apps, if certain security...


GitLab-acquires-Peach-Tech-and-Fuzzit

GitLab acquires Peach Tech and Fuzzit


Friday, June 12, 2020 by

GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...


CircleCI-updates-platform-to-enhance-speed-and-efficiency

CircleCI updates platform to enhance speed and efficiency


Wednesday, May 27, 2020 by

CircleCI announced updates to its continuous integration and continuous delivery platform that will help developers build, test and deploy code faster and with ease. The updates include an enhanced web user interface, new insights capabilities, and upgrades to convenience images, CircleCI’s fleet of pre-packaged Docker images. These additions come on the heels ...


Docker-and-Snyk-partner-to-deliver-container-vulnerability-scanning

Docker and Snyk partner to deliver container vulnerability scanning


Wednesday, May 20, 2020 by

Docker has partnered with Snyk to deliver native vulnerability scanning of container images in Docker. Together, Docker and Snyk will provide a streamlined workflow that makes the application development process more secure for millions of developers, allowing them to more quickly and confidently build secure applications as an automated part of their toolchain. ...


Fourth-annual-DevSecOps-survey-from-Gitlab

Fourth annual DevSecOps survey from Gitlab


Monday, May 18, 2020 by

GitLab released the results of its fourth annual DevSecOps survey uncovering how roles across software development teams have changed as more teams adopt DevOps. The survey of over 3,650 respondents from 21 countries worldwide found that rising rates of DevOps adoption and implementation of new tools has led to sweeping changes in job functions, tool choices and or...


How-gamifying-security-improves-cooperation-with-developers

How gamifying security improves cooperation with developers


Monday, May 11, 2020 by

Scaling security across development challenges the most seasoned professionals. Regardless of company size or industry, risks can no longer be comfortably managed across an organization as a centralized function. Security leaders need people in other departments to understand risks and help their teams remediate and reduce them for security to be successful. Last month,...


New-features-from-WSO2-API-Manager

New features from WSO2 API Manager


Friday, April 10, 2020 by

APIs are the core building blocks of digital businesses—assembling data, events and services from within the organization, throughout ecosystems, and across devices. This is driving demands to maximize adoption and reuse across internal and external portals and API marketplaces; ensure API security; and support modern architectures, including containers, microserv...


Container-runtime-scanning-open-source-software-launched-by-Portshift

Container runtime scanning open source software launched by Portshift


Thursday, March 26, 2020 by

Portshift introduced Kubei Open Source container scanning software. Kubei is a unique open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments. Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes info...


Brainly-appoints-new-Chief-Product-Officer

Brainly appoints new Chief Product Officer


Tuesday, January 28, 2020 by

Brainly recently appointed Rajesh Bysani as its new Chief Product Officer (CPO). While Brainly has succeeded at establishing itself as one of the United States’ leading digital education resources, last school year the platform achieved a major landmark in its global growth: it now reaches 15 million monthly users in the U.S., which means that 20% or one-fifth ...


How-cloud-computing-is-changing-the-developer-world

How cloud computing is changing the developer world


Thursday, January 2, 2020 by

Cloud computing is continuing to change the way the world builds and interacts with technology, and the developers that make that possible are under more pressure than ever to keep innovating and pushing boundaries. With the launch of the latest version of its Cloud Pak for Data, IBM is helping them do just that, all while prioritizing what matters most: data privacy an...


StrandHogg-Android-vulnerability-identified

StrandHogg Android vulnerability identified


Thursday, December 5, 2019 by

Promon, a Norwegian app security company, has identified tangible evidence of a dangerous Android vulnerability that allows malware to pose as any legitimate app, granting hackers access to private SMS’ and photos, steal victims’ log-in credentials, track movements, make and/or record phone conversations, and spy through a phone’s camera and microphone...


Evolve-VM-showcasing-at-Microsoft-Ignite

Evolve VM showcasing at Microsoft Ignite


Thursday, November 7, 2019 by

Adaptiva announced that it will showcase Evolve VM at Microsoft Ignite. This groundbreaking, complete vulnerability life cycle product automatically assesses endpoints for thousands of vulnerability, compliance, and health issues and instantly remediates them as soon as they are detected. Utilizing NIST's National Vulnerability Database and National Checklist Progra...


Build-applications-at-speed-with-Cohesity-Agile-Dev

Build applications at speed with Cohesity Agile Dev


Thursday, September 12, 2019 by

Cohesity has announced the launch of Cohesity Agile Dev and Test, a new solution that addresses key bottlenecks organizations face in building applications at speed. It moves away from the request-fulfill model where developers request access to production-grade data and wait sometimes weeks for IT operations teams to provide the data needed to build...


Zeroday-vulnerability-announced-byMcAfee-at-Defcon

Zeroday vulnerability announced byMcAfee at Defcon


Monday, August 19, 2019 by

At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system. The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...


Testing-software-updates-with-production-traffic

Testing software updates with production traffic


Thursday, July 18, 2019 by

Test and development cycles have significantly changed under the DevOps model. To remain competitive, software developers must continually release new application features. They’re sometimes pushing out code updates as fast as they are writing them. This is a significant change from how software and dev teams traditionally operated. It used to be that teams could ...


New-intelligence-suite-aims-to-help-tackle-problems-with-growing-IT

New intelligence suite aims to help tackle problems with growing IT


Friday, July 12, 2019 by

Snow Software announced a new suite of offerings to better empower customers to address their growing IT operations, cloud shift and digital transformation challenges. This new set of offerings is aligned to strategic business outcomes, providing customers with product choices that will better meet their unique needs now and in the future. “The market has evolv...


WordPress-plugin-vulnerabilities-are-a-hackers-playground

WordPress plugin vulnerabilities are a hackers playground


Wednesday, April 10, 2019 by

What do TechCrunch, BBC America, PlayStation and MTV News all have in common? Each of their websites is powered by WordPress. Over 74.6 million, or roughly 30 percent, of the world’s websites, depend on WordPress to power their online platforms. Every second there are over six new WordPress.com posts and over 47,000 plugins, with the number growing daily. Wh...


Making-things-easy-for-the-developer-is-ActiveState

Making things easy for the developer is ActiveState's mission


Tuesday, April 2, 2019 by

ActiveState added enhancements to its ActiveState Platform, a SaaS offering, benefiting contributors, maintainers and users facing challenges with Python and other open source languages. The new features will give ActiveState Platform account holders the flexibility to fork an existing language distribution and install it into a virtual environment. Developers elimin...


CommunityBridge-gives-better-visibility-into-open-source-code

CommunityBridge gives better visibility into open source code


Monday, March 18, 2019 by

The Linux Foundation has launched CommunityBridge, a platform that aims to empower developers and the individuals and organizations who support them, to advance sustainability, security, and diversity in open source technology. With the help of source{d}, the Linux Foundation will be able to provide the Open Source community with greater visibility into each projec...


Software-engineer-happiness-matters

Software engineer happiness matters


Tuesday, February 19, 2019 by

In the never-ending quest for greater developer productivity, security and compliance usually seem like monkey wrenches in the machinery. These aspects of development are essential, but they can slow down the flow of work and frustrate developers. Security and compliance dog the whole software development process, from the too-often-forgotten build engineering team, ...


Mesh-networking-security-from-NeuVector-at-IBM-Think-2019

Mesh networking security from NeuVector at IBM Think 2019


Thursday, February 14, 2019 by

NeuVector announced a new platform integration with the Istio and Linkerd2 service meshes that expands NeuVector’s security capabilities for production Kubernetes deployments. The integration - developed in coordination with IBM Cloud and the Istio open source development team - delivers new capabilities for network visibility and threat detection, even for connec...


What-does-the-Kubernetes-privilege-escalation-flaw-mean

What does the Kubernetes privilege escalation flaw mean


Tuesday, December 4, 2018 by

Bringing together powerful applications into containerized services that are open source can have their drawbacks, as recently discovered by the RedHat issued a critical Security Advisory and patches for CVE-2018-1002105, a privilege escalation flaw impacting Kubernetes. Sumo Logic CSO, George Gerchow weighs in: "The Kubernetes vulnerability is a huge deal, even...


AI-for-cybersecurity-

AI for cybersecurity


Tuesday, November 27, 2018 by

As organizations struggle to deal with the growing sophistication of hackers and the influx in data breaches, it's becoming clear that AI could be a critical tool for automatically defending applications from cyber attacks - but there are challenges to overcome. Ivan Novikov, the CEO of AI security company Wallarm, offers some insight below on how AI can be utilized...


Single-Page-Application-security-help

Single Page Application security help


Tuesday, October 23, 2018 by

Single-page applications, or SPAs, are web apps that load a single HTML page and dynamically update that page as the user interacts with the app. Their origins are unclear but the concept was discussed as early as 2003 according to the archives on Wiki. SPAs use AJAX and HTML5 to create fluid and responsive Web apps, without constant page reloads - that literally means,...


GitHub-Actions-and-other-announcements-from-GitHub-Universe

GitHub Actions and other announcements from GitHub Universe


Wednesday, October 17, 2018 by

GitHub, the soon to be acquired by Microsoft company, has always been known for its source code repository capabilities for developers. But why just store the code on a platform when you can run it too?  At its annual developer conference, GitHub Universe, they announced Actions, which is essentially a way to help automate your development workflows. Actions use...


National-Coding-Week-is-here

National Coding Week is here


Monday, September 17, 2018 by

National Coding Week is upon us. That's why we thought it would be great to compile some quotes from industry experts to talk about what they think is most important about learning how to coding - a question seen through many different lenses. “Today, software drives business. So, if an organization wants to excel, it needs to become a software-powered jugg...


Code-security-gamification-company-nabs-$3.5M-in-funding

Code security gamification company nabs $3.5M in funding


Friday, September 14, 2018 by

Secure application development platform provider Secure Code Warrior announced that it has gained US $3.5 million in funding from two strategic venture capital firms. The financing was led by Washington DC-based Paladin Capital Group, with participation from Sydney-based AirTree Ventures. The initial funding round will allow the company to further expand its rapidly gro...