Software Development
Software Development | News, how-tos, features, reviews, and videos
The CSO guide to top security conferences, 2022
Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.
For one software maker, an SBOM adds value to the product
At Instant Connect, an SBOM has become part of the product offering, says Chief Product Officer Wes Wells.
GitHub open sources Entitlements IAM sytem, built as a Git repository
The company behind one of the most important open source projects in the world is providing a new way to use its framework for IAM (identity and access management) this week.
Sigstore explained: How it helps secure the software supply chain
The free sigstore signing service helps developers establish provenance and integrity of open-source software.
The Open Source Software Security Mobilization Plan: Takeaways for security leaders
The plan from the Linux Foundation and OpenSSF presents three goals to improve open-source software security during development and more effectively address vulnerabilities.
Chris Wysopal: Open source is becoming a national security risk
The Veracode CTO explains what set the Log4j vulnerabilities apart, how it raised awareness of issues around open source security, and where he sees progress.
Google to launch repository service with security-tested versions of open-source software packages
The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies.
Red Hat debuts edge features for Linux, Kubernetes platform security
At its annual Summit event, Red Hat is rolling out new edge-computing features for the company’s well-known enterprise Linux distribution, and security features for its Advanced Cluster Security for Kubernetes platform.
Cloudflare Workers for Platforms aims for more programmable web
Cloudflare Workers for Platforms provides a set of tools and an API standard that would allow developers to customize any web application.
23 DevSecOps tools for baking security into the development process
Catch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.
Chainguard launches native Kubernetes compliance software Enforce
Chainguard’s Enforce is designed to help developers define and enact policies for container images to enable safer deployment.
Fuzzing tool company launches initiative to secure open-source software
ForAllSecure offers to pay developers to use its software to eliminate exploits in their code.
Comcast open-sources xGitGuard code protection tool
The new code monitoring tool is designed to keep open source and proprietary code separate and secure.
GitHub makes Advisory Database public to improve software supply chain security
Researchers, academics, and enthusiasts can now contribute to and benefit from free, open-source security data on software supply chain vulnerabilities.
Drop the SBOM
Software bills of material are having a moment, but the costs of an externally visible SBOM are likely to outweigh the benefits, says Andy Ellis.
NPM JavaScript registry suffers massive influx of malware, report says
The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.
Alpha-Omega Project takes a human-centered approach to open-source software security
The Linux Foundation and OpenSSF project, with backing from Microsoft and Google, aims to improve security of 10,000 open-source projects.
![Hands are stacked together in unity and trust. [colleagues / teamwork / collaboration]](https://images.idgesg.net/images/article/2020/09/all_hands_in_stacked_together_in_unity_and_trust_during_meeting_colleagues_teamwork_collaboration_by_jonathan_erasmus_gettyimages-1199216681_2400x1600-100858476-small.3x2.jpg?auto=webp&quality=85,70)