North Korean hacker group using false coding tests to spread malware Jordyn Alger September 16, 2024 Research has identified malicious software packages associated with the North Korean hacking group, Lazarus Group. Read More
The average open source vulnerability is 2.5 years old Security Staff February 27, 2024 According to a report, nearly 75% of commercial codebases assessed for risk contain open source components impacted by high-risk vulnerabilities.Read More
Cybersecurity Education & Training False positives: Mitigating concerns from cybersecurity-minded users Keavy Murphy January 9, 2024 As new security risks emerge daily and the tech landscape shifts, false positives are here to stay. Security teams can use data to manage cyber risk. Read More
Will AI make organizations more secure? Monica Oravcova March 6, 2023 With both good and bad actors using AI, enterprises will need the best solution to defend themselves. It's an arms race as to who has the best tool. Read More
What CISOs need to know about CNAPP Chris Simmons March 3, 2023 Cloud native application protection platforms enable CISOs to ensure that the pace of security matches the pace of development of cloud applications.Read More
Secure code training ruled better investment than code scanning tools Security Staff January 30, 2023 EMA's Secure Coding Practices survey of 129 software development professionals found that code scanning tools were less effective than developers.Read More
Can developers reduce open source cybersecurity risk? Security Staff October 24, 2022 State of the Software Supply Chain Report from Sonatype found legacy open source downloads leading to cybersecurity vulnerability exploitation. Read More
4 things CISOs need to know about software supply chain security Kim Lewandowski October 14, 2022 Cybersecurity leadership needs to understand the security challenges of open source code to tackle software supply chain security threats.Read More
How to build more secure APIs Jeff Williams October 4, 2022 Software developers are under pressure to develop programs quickly, but security professionals must work with them to make sure APIs remain secure.Read More
Code signing is a valuable tool — if it’s secure Tomas Gustavsson July 11, 2022 Now more than ever, it’s important to instill trust in the software supply chain. Code signing can help organizations ensure the security of their software supply chain.Read More