14 tips for developing AngularJS applications AngularJS is one of the most popular JavaScript frameworks for client-side development. An insight into some AngularJS concepts, such as $scopes, two-way data binding and directives, will bring us some important t...
Kiuwan indicators are based on evidence. Part of that evidence —along with intrinsic code metrics— are the defects and vulnerabilities found in the source code analysis Right. What does Kiuwan consider a defect? A defect is a violation to a rule defined in th...
Databases are some of the most valuable sources of data for organizations of any type, from healthcare to online retailers. In turn, they’re also some of the highest-value targets for attackers and a trove full of personnel information, financial data, and in...
Open source software is essential to application development, particularly for the web. At the same time, it also represents a key source of application vulnerabilities. To help make open source software more secure, the Linux Foundation has announced&nb...
Most of us who have been responsible for the care and feeding of an enterprise application have had to modify someone else’s code. Whether the modification is due to a newly found bug or to enhance existing functionality, changing someone else’s code is an in...
Open-source software dramatically simplifies and speeds up the development process. However, it also carries significant risks in the form of vulnerabilities. The public nature of open-source code means that databases such as Open Source Vulnerabilities ...
Containers have emerged as a fantastic technology to deploy applications. Containers save a lot of time for system engineers dealing with infrastructure issues: servers, networks, operating systems (OS), ports, configuration, etc. If your application needs be...
In a globally connected environment where being the first to market provides an advantage that can be worth billions and persists for decades, taking the fastest route to product development is an operational necessity. For software development teams, th...
On February 13 we released support for a new programming language: Go (aka Golang). We have added 56 new security rules for Go in our default analysis model (CQM). Visit our Change Log for an explanation on how to view these rul...
High-level programming languages have gone a long way since the invention of Short Code in 1949. New languages are being created all the time, sometimes as a joke, but most times to deal with specific problems that existing ones cannot solve. Althou...
The SANS Institute has designed thousands of programs for security professionals around the world. The organization brings together seasoned security practitioners to provide information security practices along with security certification. Besides ...
Today’s app development processes are not complete without security integration. Security standards provide safeguards for companies to secure their apps and software from cybersecurity threats. NIST, OWASP, WASC, SEI CERT C and J, CWE, and BIZEC are part of ...
App and software breaches can have lasting consequences. They also aren’t going anywhere. Finding vulnerabilities in your app and code early is critical. Maintaining strong security practices during and after development is essential to protecting your business.
