Posts Tagged ‘DevOps’

How to manage the intersection of Java, security and DevOps at a low complexity cost

In this Help Net Security video above, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become for developers everywhere. He touches on the need for putting security back into DevOps and how developers can better navigate vulnerabilities that are taking up all of their efforts and keeping […]

Leave a Comment

GitHub blighted by “researcher” who created thousands of malicious projects

Just over a year ago, we wrote about a “cybersecurity researcher” who posted almost 4000 pointlessly poisoned Python packages to the popular repository PyPI. This person went by the curious nickname of Remind Supply Chain Risks, and the packages had project names that were generally similar to well-known projects, presumably in the hope that some of them would […]

Leave a Comment

Developers Remediate Less Than a Third of Vulnerabilities

Developers Remediate Less Than a Third of Vulnerabilities Developers are regularly ignoring security issues as they deal with an onslaught of issues from security teams, even as they are expected to release software more frequently and faster than ever before. In addition, developers fix just 32% of known vulnerabilities, and 42% of developers push vulnerable […]

Leave a Comment

DevOps didn’t kill WAF, because WAF will never truly die

You can only get rid of WAF if you fully implement security into your development process and audit the process via code reviews and annual tests. But DevSecOps can’t be realistically implemented for all web apps in the enterprise environment, so WAF will stick around because it still has a job to do. The WAF is not […]

Leave a Comment

Securing Dev Environments is Security Leaders’ Top Concern

Leave a Comment

70% of organizations recognize the importance of secure coding practices

A research from Secure Code Warrior has revealed an attitudinal shift in the software development industry, with organizations bucking traditional practices for DevOps and Secure DevOps. The global survey of professional developers and their managers found 70% of organizations recognize the importance of secure coding practices, with results indicating an industry-wide shift from reaction to […]

Leave a Comment