Simply put, threat intelligence – also known as cyber threat intelligence, or CTI – is information that is collected, analyzed, organized, and refined to provide insight, input, and advice about potential and current security threats or attacks that could pos...
Before open-source software (OSS) was commonplace, building applications was a tedious and time-consuming process. As it became more common to release code for community use, development time rapidly increased. Developers could build on previous work and didn...
Development tools are growing more advanced; large language models can now write code for us based on simple plain English requests. Unfortunately, malicious actors also have access to increasingly powerful tools. As a result, cybersecurity risk management ha...
Delivering a secure mobile app to users requires developers to prioritize security throughout the software’s development pipeline. An organization’s System Development Life Cycle (SDLC) should include easy-to-follow security instructions that consider t...
October is Cybersecurity Awareness Month. The theme for 2020 is: “Do Your Part. Be #CyberSmart.” This event, put on by CISA and the National Cyber Security Alliance, is in its seventeenth year. The campaign aims to increase overall cybersecurity aw...
With cybersecurity incidents increasing at an alarming rate, modern development teams are transitioning to a DevSecOps framework to integrate security into the entire software development lifecycle (SDLC). This approach helps create more secure and resilient ...
With an ever-increasing proportion of day-to-day work on the desktop occurring in the form of web-based applications, organizations need to rethink how those applications work. They also need to examine – and in some cases tighten up – how web-based apps (or ...
Amidst growing cybersecurity threats, the security of the software we write has taken increased importance. To help prevent cyber attacks, DevSecOps has become standard practice among many development teams. One of the most powerful tools in DevSecOps i...
Web application security requires a multi-layered approach that considers and reduces all attack surfaces. Given the complexity of modern applications, overlooking even a small detail can leave an application vulnerable. Take the example of the Microsoft R...
Open-source software dramatically simplifies and speeds up the development process. However, it also carries significant risks in the form of vulnerabilities. The public nature of open-source code means that databases such as Open Source Vulnerabilities ...
Most developers don’t build applications from scratch. Instead, they use a mix of original development, code reused from other programs, and some third-party components. What often happens is that developers get deep into the weeds of making sure it all works...
DevSecOps is quickly becoming one of those trendy terms that everyone tries to use on social media. If you can somehow work #devsecops into a post, you’re using today’s forward-looking language. The problem is that many articles and blogs miss some of the mos...
