Simplifying legal entity identification in the digital age

As the world’s legal entities rush to digitize their processes and transactions, confidence in digital authenticity is in short supply. Thankfully, a single, open and universal protocol that will enable legal entities everywhere to verify the authentic…

Barely one-third of IT pros can vet code for tampering

Global research commissioned by ReversingLabs and conducted by Dimensional Research revealed that software development teams are increasingly concerned about supply chain attacks and tampering, but barely a third said they can effectively vet the secu…

Massive shadow code risk for world’s largest businesses

Source Defense announced the results of a study that for the first time sizes the security, privacy, and compliance risks that are literally designed into the digital supply chains of major business websites. This risk, originating from highly dynamic …

Sigstore: Signature verification for protection against supply chain attacks

Software supply chain attacks have been increasing over the past few years, spurring the Biden administration to release an executive order detailing what government agencies are supposed to do to protect themselves against them. These attacks consist …

Are businesses ready to implement cloud-native development?

OutSystems released findings from a global survey of IT leaders and developers gauging the benefits and challenges of cloud-native development, with results highlighting stark contrasts between expectations and readiness. The report reveals that while …

Principles for Kubernetes security and good hygiene

Traditional methods of software security are not a good fit for Kubernetes: a renewed set of security implementations is required to make it less vulnerable. What’s different about Kubernetes security? This article walks through several key idea…

81% of codebases contain known open source vulnerabilities

Synopsys released a report which examines the results of more than 2,400 audits of commercial and proprietary codebases from merger and acquisition transactions, and highlights trends in open source usage within commercial and proprietary applications …

86% of developers don’t prioritize application security

Secure Code Warrior released findings from its survey, which found that developers’ actions and attitudes toward software security are in conflict. While many developers acknowledge the importance of applying a security-led approach in the software dev…