Software Development

Software Development | News, how-tos, features, reviews, and videos

abstract internet network cyber security concept picture id1072278762
noops code developer devops html web developer by mazimusnd getty

conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2022

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

software automation gears robotic code by mazimusnd getty and bill oxford via unsplash 2400x1600

For one software maker, an SBOM adds value to the product

At Instant Connect, an SBOM has become part of the product offering, says Chief Product Officer Wes Wells.

hello my name is open source nametag

GitHub open sources Entitlements IAM sytem, built as a Git repository

The company behind one of the most important open source projects in the world is providing a new way to use its framework for IAM (identity and access management) this week.

certification programmer binary laptop devops by pixabay

Sigstore explained: How it helps secure the software supply chain

The free sigstore signing service helps developers establish provenance and integrity of open-source software.

noops code developer devops html web developer by mazimusnd getty

The Open Source Software Security Mobilization Plan: Takeaways for security leaders

The plan from the Linux Foundation and OpenSSF presents three goals to improve open-source software security during development and more effectively address vulnerabilities.

abstract programming code

Chris Wysopal: Open source is becoming a national security risk

The Veracode CTO explains what set the Log4j vulnerabilities apart, how it raised awareness of issues around open source security, and where he sees progress.

open source box open box out of the box empty

Google to launch repository service with security-tested versions of open-source software packages

The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies.

20151027 red hat logo

Red Hat debuts edge features for Linux, Kubernetes platform security

At its annual Summit event, Red Hat is rolling out new edge-computing features for the company’s well-known enterprise Linux distribution, and security features for its Advanced Cluster Security for Kubernetes platform.

A developer works across multiple displays showing lines of code in a dimly lit workspace.

Cloudflare Workers for Platforms aims for more programmable web

Cloudflare Workers for Platforms provides a set of tools and an API standard that would allow developers to customize any web application.

hackathon students code programmer devops certification by rawpixel unsplash

23 DevSecOps tools for baking security into the development process

Catch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.

Developers work together to review lines of code in an office workspace.

Chainguard launches native Kubernetes compliance software Enforce

Chainguard’s Enforce is designed to help developers define and enact policies for container images to enable safer deployment.

female developer programmer devops next generation it staff

Fuzzing tool company launches initiative to secure open-source software

ForAllSecure offers to pay developers to use its software to eliminate exploits in their code.

programming / coding elements / lines of code / development / developers / teamwork

Comcast open-sources xGitGuard code protection tool

The new code monitoring tool is designed to keep open source and proprietary code separate and secure.

library / archive / repository

GitHub makes Advisory Database public to improve software supply chain security

Researchers, academics, and enthusiasts can now contribute to and benefit from free, open-source security data on software supply chain vulnerabilities.

assembly / architecture / modular structure / components

Drop the SBOM

Software bills of material are having a moment, but the costs of an externally visible SBOM are likely to outweigh the benefits, says Andy Ellis.

03 shipping malware

NPM JavaScript registry suffers massive influx of malware, report says

The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.

Application security  >  Software code + data protected with a lock

Alpha-Omega Project takes a human-centered approach to open-source software security

The Linux Foundation and OpenSSF project, with backing from Microsoft and Google, aims to improve security of 10,000 open-source projects.

Hands are stacked together in unity and trust. [colleagues / teamwork / collaboration]

Tech sector embraces public-private collaboration on open-source software security

Participants in a White House meeting on securing open-source software expressed optimism for working effectively with government to help prevent Log4j-like events.

Load More
You Might Also Like