Regulation fatigue: A challenge to shift processes left

Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s recent executive order asks government vendors to attest “to the extent practicab…

Investing in the mainframe remains key driver for digital transformation

Leading organizations are investing in the mainframe, innovating with DevOps, and integrating systems and teams to drive digital transformation, according to a BMC survey.

Champions drive mainframe innovation for business growth

After surveying more th…

Increasing speed of vulnerability scans ultimately increases security fixes overall

Next-generation static application security testing (SAST) and intelligent software composition analysis (SCA) can increase the speed of vulnerability scans and narrow their scope to highlight reachable issues, a ShiftLeft report reveals. This ultimate…

OpenSSF adds new members from around the globe to improve OSS security

OpenSSF announced new membership commitments to advance open source security education and best practices. New members include Accurics, Anchore, Bloomberg Finance, Cisco Systems, Codethink, Cybertrust Japan, OpenUK, ShiftLeft, Sonatype and Tidelift. O…

ShiftLeft Educate provides consistent and contextual training for developers of different skill levels

ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow. Designed in partnership with Application Security Training platform Kontra, ShiftLe…

New infosec products of the week: June 18, 2021

deepwatch MOBILE gives cybersecurity experts real-time visibility into their SOC

deepwatch MOBILE provides customers real-time insight into their Security Operations Center and timely threat intelligence delivered to their mobile phone. With deepwatch …

ShiftLeft helps orgs benchmark and validate the accuracy of ShiftLeft CORE using OWASP Benchmark

ShiftLeft has released a tool enabling businesses to independently benchmark and validate the accuracy of ShiftLeft CORE using the Open Web Application Security Project (OWASP) Benchmark Project, a Java test suite designed to evaluate the accuracy of v…

The basics of security code review

With staffing ratios often more than 200 developers for every AppSec professional, scaling security requires increasing the developer’s engagement in securing the product. To do that, developers must be responsible for the security of the code they wri…

Digital business requires a security-first mindset

Security is an undeniable necessity for the survival and success of any company. COVID-19 accelerated digital transformation initiatives across all industries and this shift placed significant pressure on developers to push software to market at unprec…