Collaborate Disseminate
Applications developed by organizations in Europe, Middle East and Africa tend to contain more security flaws than those created by their US counterparts, according to Veracode. Across all regions analysed, EMEA also has the highest percentage of ‘high… Continue reading High number of security flaws found in EMEA-developed apps
As the holiday shopping season hits full stride, ecommerce retailers across Europe face a new era of malicious attacks spurred by a COVID-inspired transformation in ecommerce and a 350% increase in fraudulent online orders, according to data published … Continue reading Ecommerce retailers facing a 350% increase in fraudulent online orders
Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their scope to highlight reachable issues, a ShiftLeft report reveals. This ultimate… Continue reading Increasing speed of vulnerability scans ultimately increases security fixes overall
With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To do that, developers must be responsible for the security of the code they wri… Continue reading The basics of security code review
Salesforce is a feature-rich SaaS platform designed for custom development and user modification. Its business power is driven by the ease of customization from both AppExchange downloads and its massive developer ecosystem. However, when Salesforce i… Continue reading Salesforce DevSecOps: Avoiding Arrested Development
Announcing ShiftLeft CORE — A Code Security Platform
We are excited to announce the launch of our new platform — ShiftLeft CORE! The word platform is often overused and misused. Many companies rename their existing products and acquisitions, rearrange … Continue reading Announcing ShiftLeft CORE — A Code Security Platform
The BSIMM is an annual study of the real-world software security initiatives – “SSIs” in the report – across the software industry drawing from data and experience from 130 organizations. Rather than repeat the aim of the study, this quote sums it… Continue reading What the Building In Security Maturity Model (BSIMM) Says About the Role of SAST and SCA
As part of our ongoing mission to help organizations develop and deploy more secure software and applications, and in light of Checkmarx’s expanded insight into the open source security landscape with its recently launched SCA solution, the Check… Continue reading It’s Time to Update Your Drupal Now!
The use of open source code in modern software has become nearly ubiquitous. It makes perfect sense: facing ever-increasing pressures to accelerate the rate at which new applications are delivered, developers value the ready-made aspect of open source … Continue reading Cooking up secure code: A foolproof recipe for open source
Since 2017, I’ve reported in our annual State of the Software Supply Chain Report that the average time between an open source vulnerability being announced and subsequently exploited was three days. We saw this exploit time with Equif… Continue reading SaltStack: 20 Breaches Within Four Days