SiliconANGLE

Apps under attack: New federal report suggests ways to improve software code pipeline security

The National Security Agency and the Cybersecurity and Infrastructure Security Agency late last month issued an advisory memo to help improve defenses in application development software supply chains ...

Vibe coding to vibe hacking: securing software in the AI era

In a vibe-hacked world, security must be ongoing, proactive, and fully integrated into the software development lifecycle. As ...
SD Times

Log4j is just the beginning – Secure your software with no-code DevOps orchestration

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
SD Times

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Forbes

From Code To Defense: Equipping Software Teams For A Secure Future

Tannu Jiwnani is a cybersecurity leader focused on incident response, IAM and threat detection, with a passion for resilience and community. Software development drives the growth and innovation of ...
MIT Technology Review

Integrating security from code to cloud

In today’s open-source software environments, businesses need to embrace a new approach to security. In partnership withMicrosoft Azure and AMD The Human Genome Project, SpaceX’s rocket technology, ...
Forbes

Why Software Supply Chain Security Is Now Everyone’s Business

Software developers’ over-reliance on open-source software often exposes their supply chains to serious threats, such as the recent Log4Shell and other Log4j-related vulnerabilities. The Cybersecurity ...
CSOonline

7 top software supply chain security tools

These tools will help identify vulnerabilities and threats posed by third-party code through software composition analysis and SBOM creation. As the fallout from the Apache Log4J vulnerabilities ...
Dark Reading

8 Strategies for Enhancing Code Signing Security

The recent news that hackers had breached remote access solution company AnyDesk shined a harsh light on the need for companies to take a long, hard look at code-signing practices to help ensure a ...
Infosecurity Magazine

What Is Vibe Coding? Collins’ Word of the Year Spotlights AI’s Role and Risks in Software

AI-powered coding opens doors for innovation but also for exploitation, as cyber risks rise with the rise of 'vibe coding' ...
CSOonline

Who writes the code in your security software? You need to know

Trusting but verifying the code in the security software you use may not be an easy task, but it’s a worthwhile endeavor. Here are some recommended actions. The recent ban on Kaspersky security ...