Software Development

Software Development news, information, and how-to advice

Black Hat 2015
021317blog software

template c100.00 13 28 47.still001
video

Mingis on Tech: The alphabet soup of mobile device management

Do you know your MDM from MAM and EMM? It's all about BYOD, and how companies can keep data safe while making it easier for workers to be productive with their own devices.

security software programmer primary

What it takes to be a security software developer

Developers with a security focus will be in strong demand, especially for financial, cloud and Internet of Things applications.

cloud computing data center

DevOps and cloud infrastructure permutations

The cloud has one DevOps advantage - it limits the number of permutations of storage, network, and CPU combinations that can be used for infrastructure (IaaS).

img 20170504 151717 01 01

Google Docs phishing attack underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.

1 buying decision

9 questions to ask when selecting application security solutions

Organizations need to determine the right tools to stay relatively risk free. Open source security vendor Black Duck explains why asking these key questions can help you determine the right mix of application tools and capabilities...

controlling privacy

How to track and secure open source in your enterprise

Your developers are using open source — even if you don't know about it. Here's how to take control and why you need to.

devops

The intersection of DevOps and application security

This article discusses DevOps security and the application security tools that need to be embedded within its process. These additions enable proper InfoSec protection of web applications.

datarescue matt jones1 100713820 orig

The rising security risk of the citizen developer

Citizen developers may help enterprises to develop apps more quickly, but what is this new breed of developer going to do to enterprise security?

dragon statue head

Can AI and ML slay the healthcare ransomware dragon?

Healthcare is well known as “low-hanging fruit” for ransomware attacks. But according to some experts, artificial intelligence and machine learning, as part of a “layered” security program, can make them a much more difficult target.

1 running back football

Top 10 ways to achieve agile security

Find out how to enable developers to do what they wanted, when they wanted, as fast as they wanted

manometer measure pressure

What makes a good application pen test? Metrics

Research from application security crowd testing and bug bounty program provider Cobalt attempts to define what enterprises could measure to improve results

code programming software bugs cybersecurity

Open-source developers targeted in sophisticated malware attack

Developers who publish their code on GitHub have been targeted in an attack campaign that uses a little known but potent cyberespionage malware.

virtual reality robot

AI will transform information security, but it won’t happen overnight

Artificial Intelligence technologies are evolving quickly, but can they aid an InfoSec community still grappling with default passwords and SQLi attacks?

confusion decisions future misleading direction arrows

How to cope when mobile app development goes rogue

Business units often develop mobile apps on their own, turning to IT only when things go wrong. Better governance around business units and their mobile app demands can help alleviate the worst pain points.

20160225 stock mwc ericsson booth security locks

How much are vendor security assurances worth after the CIA leaks?

Google, Apple, Microsoft and other software vendors are working to identify and patch the vulnerabilities described in the CIA leak, but ultimately this doesn't change the status quo of software security.

code programming software bugs cybersecurity

Hackers exploit Apache Struts vulnerability to compromise corporate web servers

Attackers are widely exploiting a recently patched vulnerability in Apache Struts that allows them to remotely execute malicious code on web servers.

acquisition hostile takeover

CA to acquire security testing firm Veracode for $614M

CA Technologies is acquiring application security testing company Veracode for US$614 million in cash, in a bid to broaden its development and testing offering for enterprises and app developers.

code programming software bugs cybersecurity

HackerOne offers bug bounty service for free to open-source projects

HackerOne, the company behind one of the most popular vulnerability coordination and bug bounty platforms, has decided to make its professional service available to open-source projects for free.

Load More