Software development has evolved at an explosive pace, and while most security testing tools have embraced this evolution as a catalyst to innovate, static analysis tools seem to have missed the invite.
With long scan times, high-false positives, and costly, complex deployments, most static analysis tools leave...
Hellman & Friedman has met with several investments banks in recent weeks and will choose one to run the sale process for Paramus, New Jersey-based Checkmarx, in which it hopes to get at least $2.5 billion, Calcalist reported. The private equity firm bought Checkmarx for $1.15 billion in April 2020.
Apps have become the new endpoint for the modern enterprise, driving productivity, revenue, and customer engagement. Globally, approximately 4 billion iOS and Android mobile devices are in use, with an average of 80 apps on each device, and each app is updated an average of 12 times a year. That means there are...
AI-assisted coding tools can speed up code production but often replicate existing vulnerabilities when built on poor-quality code bases. Snyk's Randall Degges discusses why developers must prioritize code base quality to maximize the benefits and minimize the risks of using AI tools.
APIs are the connections that make digital business happen. Companies on average rely on more than 15,000 APIs, but these interfaces pose security risks. In this "Deep Dive" special report, ISMG's Anna Delaney explores how security leaders are tackling API security.
Trail of Bits' Michael Brown explores the dual challenges of applying AI and ML to cybersecurity and securing these evolving technologies themselves. He discusses the complementary nature of traditional and AI/ML-based approaches and highlights the pressing need for secure development life cycles.
The recent CrowdStrike outage has forced CISOs to rethink their approach to software updates and security practices. David Brumley, CEO of Mayhem Security, discusses why thorough code analysis, staged rollouts and stress testing are crucial for ensuring software reliability.
AI has revolutionized app development, while also introducing security challenges. Liqian Lim of Snyk discusses the importance of implementing security measures early in the development process to manage AI tool-related risks and safeguard the software development life cycle from vulnerabilities.
Federal regulators and SolarWinds are eyeing a truce weeks after a judge dismissed most claims related to misleading investors about the company's security practices and risks. SEC lawyer Christopher Bruckmann said his team "proposed specific settlement terms," but the defense is unlikely to accept.
In the modern, API-driven era — where 26 to 50 APIs power the average application — API security couldn’t be more important. Unsecured APIs make easy targets for bad actors searching for exposed application logic, resources and sensitive data.
But despite having multiple API security products in place, 92% of...
Snyk CEO Peter McKay discusses lessons from the recent CrowdStrike outage, emphasizing the importance of robust development practices, effective communication and the integration of quality and security in modern software development. He also highlights Snyk's role in advancing developer security.
A supply chain security firm led by an ex-Google Cloud engineer closed a Series C round to assist AI workloads and expand its open-source software catalog. Chainguard raised $140 million just eight months after completing a $61 million Series B funding round, tripling its valuation to $1.12 billion.
What can one powerful security platform do for your cloud? According to Gartner®, “CNAPP offerings bring together multiple disparate security and protection capabilities into a single platform focused on identifying and prioritizing excessive risk of the entire cloud-native application and its associated...
A judge Thursday dismissed most of the claims federal regulators made against SolarWinds related to allegedly misleading investors about the company's cybersecurity practices and risks. The SEC can proceed only with claims related to the security statement issued by SolarWinds before the 2020 hack.
Multiple threat actors began exploiting a critical vulnerability in PHP within a day of its public disclosure last month and are moving quickly to infect systems with malware, according to a report by the Akamai Security Intelligence Response Team. Administrators are advised to patch immediately.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.