Americas

  • United States

Asia

Europe

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

HomeDevSecOps

DevSecOps

Software Development | News, how-tos, features, reviews, and videos

Jump to
Latest Articles Events Resources Podcasts
feature
Image

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

By CSO Staff
Dec 01, 20236 mins
Technology IndustryIT SkillsEvents
news
Image

Almost all developers are using AI despite security concerns, survey suggests

By John P. Mello Jr.
Nov 29, 20234 mins
Development ToolsSecurity PracticesSupply Chain
feature
Image

NIST provides solid guidance on software supply chain security in DevSecOps

By Chris Hughes
Oct 19, 20239 mins
DevSecOpsSupply ChainSecurity Practices
feature

How CISOs can shift from application security to product security

By Ericka Chickowski
Aug 30, 202310 mins
Application SecuritySoftware Development
news

Arnica's real-time, code-risk scanning tools aim to secure supply chain

By Shweta Sharma
May 16, 20234 mins
DevSecOpsSupply ChainSoftware Development
news

GitGuardian's honeytokens in codebase to fish out DevOps intrusion

By Shweta Sharma
Apr 11, 20234 mins
Intrusion Detection SoftwareSoftware Development
news

UK data regulator issues warning over generative AI data protection concerns

By Charlotte Trueman
Apr 04, 20233 mins
Data PrivacyGenerative AIArtificial Intelligence
brandpostSponsored by Synopsys

Automation is the key component of DevSecOps collaboration and optimization

By Taylor Armerding, Security Advocate at Synopsys Software Integrity Group
Mar 13, 20234 mins
DevopsSecuritySoftware Development
brandpostSponsored by Synopsys

Poor software quality can cost time and money, straightforward solutions are available

By Taylor Armerding, Security Advocate at Synopsys Software Integrity Group
Mar 13, 20234 mins
DevopsSoftware Development

Articles

reviews

Review: How ShiftLeft catches vulnerabilities during code development

This combination traffic analysis tool and dynamic application security testing tool works with nearly any language and CI system, is very easy to use, and integrates directly into the development process.

By John Breeden
Mar 16, 2020 7 mins
Application SecuritySecuritySoftware Development
feature

3 DevSecOps success stories

Learn how three very different companies — Microsoft, Verizon and the Pokemon Company — got their development and security teams to work together smoothly.

By Michael Nadeau and Dan Swinhoe
Sep 26, 2019 10 mins
Application SecuritySecuritySoftware Development
feature

Verizon builds a DevSecOps culture with its developer dashboard

Verizon's developer dashboard not only records how vulnerabilities are introduced and by whom, but provides indicators as to why. The goal isn't to name and shame, but to instill a secure-by-design mindset.

By Dan Swinhoe
Feb 26, 2019 8 mins
Application SecuritySecuritySoftware Development
opinion

The ethics of creating secure software

The permeation of software into every aspect of our lives makes it impossible to avoid. Software has transcended from a technical process into the realm of social morality. Therefore, the consequences are on a massive scale across the whole of society. Security of that software is not a technical question, but a moral one, and companies need to treat it that way.

By Chris Wysopal
Sep 07, 2018 5 mins
Enterprise ApplicationsSecuritySoftware Development
feature

Secrets of ‘shift left’ success

The shift left movement is about bringing security into the software development cycle earlier through DevSecOps and other changes, yielding more secure software more quickly and at lower costs.

By Mary K. Pratt
Aug 28, 2018 8 mins
Application SecurityDevopsSecurity
opinion

Software products aren't cookies

Understanding the security of third-party components.

By Steve Lipner
Aug 20, 2018 5 mins
VulnerabilitiesSecuritySoftware Development
feature

5 tips for getting started with DevSecOps

Don't be fooled, integrating security into the DevOps process is a big project. But the payoff is worth the effort. Here's what you need to know to get started building DevSecOps from the ground up.

By Scot Finnie
Jul 17, 2018 9 mins
Application SecuritySoftware Development
news

Do you fully trust Microsoft with GitHub?

With Microsoft acquiring GitHub, users have to decide if they will leave their repositories on GitHub or move backup copies to GitLab.

By Ms. Smith
Jun 05, 2018 4 mins
GitHubMicrosoftOpen Source
opinion

Conway’s Law: does your organization's structure make software security even harder?

Why secure development programs succeed in organizations.

By Steve Lipner
May 07, 2018 5 mins
Patch Management SoftwareSecuritySoftware Development
feature

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the c-suite see infosec’s value.

By Terena Bell
Apr 25, 2018 6 mins
Application SecurityApplication SecurityApplication Security
feature

Open source software security challenges persist

Using open source components saves developers time and companies money. In other words, it's here to stay. Here's a look at what it will take to improve open source security.

By Maria Korolov
Apr 02, 2018 10 mins
Internet SecurityApplication SecurityVulnerabilities
reviews

How Contrast Security protects applications from the inside out

Contrast Security has one of the most elegant solutions out there for application security. We can see why it scored 100 percent on the OWASP Security Benchmark.

By John Breeden
Feb 21, 2018 7 mins
Application SecurityEnterprise ApplicationsSecurity
View all

Resources

whitepaper

Why Acceptance Insurance is Confident in Ability to Detect and Rapidly Recover from Any Attack

With SOX compliance and state insurance regulations, Acceptance Insurance was bleeding resources, time, and money to keep up. See this case study to find out how Acceptance Insurance stopped the bleeding.

The post Why Acceptance Insurance is Confident in Ability to Detect and Rapidly Recover from Any Attack appeared first on Whitepaper Repository.

By Cohesity Inc.
08 Dec 2023
Backup and RecoveryBusiness OperationsCloud Security
Image
whitepaper

Cloud Backup Evaluation Guide & Checklist

By Cohesity Inc.
08 Dec 2023
Backup and RecoveryBusiness OperationsCloud Security
Image
whitepaper

Ransomware Readiness Evaluation Guide

By Cohesity Inc.
08 Dec 2023
Backup and RecoveryBusiness OperationsData and Information Security
Image
View all

Video on demand

video

How to code an interactive shiny app to search Twitter: Do More With R bonus video

Learn how to turn code from Episode 41 into an interactive shiny Web app.

Jan 25, 2020 16 mins
AnalyticsSoftware Development
See all videos

Explore a topic

Show me more

news analysis

LogoFAIL attack can inject malware in the firmware of many computers

By Lucian Constantin
Dec 08, 20238 mins
MalwareMalwareCybercrime
Image
news

Google expands minimum security guidelines for third-party vendors

By John P. Mello Jr.
Dec 08, 20234 mins
Application SecuritySupply ChainSupply Chain
Image
news

New CISO appointments 2023

By CSO Staff
Dec 08, 202328 mins
CSO and CISOCSO and CISOCSO and CISO
Image
podcast

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

Nov 20, 202315 mins
CSO and CISO
Image
podcast

CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University

Oct 16, 202315 mins
CSO and CISO
Image
podcast

CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape

Oct 10, 202316 mins
CSO and CISO
Image
video

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

Nov 20, 202315 mins
CSO and CISO
Image
video

AI and Cybersecurity: Speed Bumps, Training, and Communication

Nov 06, 202317 mins
CyberattacksGenerative AI
Image
video

CSO Executive Sessions Australia with Robbie Whittome

Oct 16, 202315 mins
CSO and CISO
Image